WebApp Sec mailing list archives

Re: SQL Injection data retrieving??


From: "saphyr" <saphyr () infomaniak ch>
Date: Fri, 10 Sep 2004 17:34:24 +0200

www.mysite.com/products.asp?id=convert(int,(select * from __dellist where 1=1))
Error Type:
Microsoft OLE DB Provider for SQL Server (0x80004005)
Subquery returned more than 1 value. This is not permitted when the subquery follows =, !=, <, <= , >, >= or when the subquery is used as an expression.
/products.asp, line 32
My question is: Which query should I send in order to retrieve the data of the table?
Thanks a lot in advance for your help
Roland

Hi Roland (hi list) !

Seems you can only retrieve an int value for each request... If I am not wrong,
I think I might have a solution for you.

- retrieve the information you want as a string
- substring the first character from that string
- convert it to an int value (ascii?)
- repeat it until the end of the string...
- reconstruct the string by converting the int values to string (char) values

I'm not really a tsql expert so I'll let you surf the tsqlref.chm to find which are
the function names ;)



------------oOoo---Ôô----ooOo---------------------------
Antonio FONTES    (well, me, actually)
http://www.nxtg.net/saphyr/  (tout et rien en français)
http://www.nxtg.net/is/ (about web development methods and security)
E-mail: myfirstname.mylastname@see_url_for_the_domain
-------------------------------------------------------------
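
Seen from the defender's side, the request quoted in this thread stands out in web logs because a numeric `id` parameter should only ever hold digits. The following is an added example, not part of the original posts: it scans log lines for `id` values that are not plain integers. The log layout, client addresses, and the names `classify` and `scan` are constructed for this example, and it assumes the server answers an unhandled database error with status 500.

```python
import re
from urllib.parse import parse_qs

# Constructed sample, W3C extended field order:
# date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
SAMPLE_LOG = """\
2004-09-10 15:30:01 192.0.2.10 GET /products.asp id=42 200
2004-09-10 15:30:07 192.0.2.10 GET /products.asp id=17&sort=name 200
2004-09-10 15:31:12 198.51.100.7 GET /products.asp id=convert(int,(select+*+from+__dellist+where+1=1)) 500
2004-09-10 15:31:15 198.51.100.7 GET /products.asp id=convert(int,(select%20*%20from%20__dellist%20where%201=1)) 500
2004-09-10 15:31:20 203.0.113.4 GET /products.asp id=12abc 500
2004-09-10 15:31:25 203.0.113.4 GET /default.asp - 200
"""

INT_RE = re.compile(r"[0-9]{1,10}")
# T-SQL words and punctuation that never belong in a numeric id.
SQL_TOKENS = re.compile(
    r"\b(select|union|convert|cast|substring|ascii|char|from|where)\b|--|;|/\*", re.I)

def classify(query, param="id"):
    """Return 'ok', 'non_integer' or 'sql_tokens' for one query string."""
    verdict = "ok"
    # parse_qs URL-decodes, so the '+' and '%20' forms are treated alike.
    for value in parse_qs(query, keep_blank_values=True).get(param, []):
        if INT_RE.fullmatch(value):
            continue
        if SQL_TOKENS.search(value):
            return "sql_tokens"
        verdict = "non_integer"
    return verdict

def scan(log_text, stem="/products.asp"):
    """Flag requests to `stem` whose id parameter is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 7 or fields[4].lower() != stem:
            continue
        verdict = classify(fields[5])
        if verdict != "ok":
            # Assumption: a 500 means the value reached SQL Server and raised an error.
            findings.append({"client": fields[2], "time": fields[1], "verdict": verdict,
                             "db_error_likely": fields[6] == "500"})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The same integer-only check, applied in the page before the query is built and combined with a parameterized query and generic error pages, removes both the injection point and the error text shown above.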

