WebApp Sec mailing list archives
Re: Blind SQL Injection / Stored procedures
From: "Adam Tuliper" <amt () gecko-software com>
Date: Tue, 15 Nov 2005 18:38:48 -0500
Results will come back just like any other regular query.----- Original Message ----- From: "Andres Molinetti" <andymolinetti () hotmail com>
To: <pen-test () securityfocus com> Cc: <websecurity () webappsec org>; <webappsec () securityfocus com> Sent: Tuesday, November 15, 2005 1:40 PM Subject: Blind SQL Injection / Stored procedures
Hi List,I am currently testing a clients Web Site. I have found that it is vulnerable to Blind SQL Injection, so I have been able to enumerate tables, columns, etc. It interact with an SQL Server 2000 SP3.The problem is that, despite I was able to enumerate tables and columns (through base..syscolumns) I am not able to access any data of those tables.I think this can be happening because the priviledges are assigned to stored procedures, and not directly to users, which is a good practice.Then my problem is how can I use an stored procedure to get some data? I think I am able to run, but how can I do to get its results?I know that there is an xp_makewebtask which lets me write sql queries to a file, but as the sql server resides in a different machine that the web server, I cannot get those files.Thanks in advance, Andy _________________________________________________________________Dale rienda suelta a tu tiempo libre. Encuentra mil ideas para exprimir tu ocio con MSN Entretenimiento. http://entretenimiento.msn.es/
Current thread:
- Blind SQL Injection / Stored procedures Andres Molinetti (Nov 15)
- Re: Blind SQL Injection / Stored procedures Adam Tuliper (Nov 15)
- Re: Blind SQL Injection / Stored procedures Laramies (Nov 16)
- RE: Blind SQL Injection / Stored procedures Victor Chapela (Nov 18)
- <Possible follow-ups>
- RE: Blind SQL Injection / Stored procedures LAROUCHE Francois (Nov 16)
- RE: Blind SQL Injection / Stored procedures Andres Molinetti (Nov 16)
- RE: Blind SQL Injection / Stored procedures LAROUCHE Francois (Nov 17)
- Re: Blind SQL Injection / Stored procedures Phillip Powell (Nov 17)
- RE: Blind SQL Injection / Stored procedures Evans, Arian (Nov 17)
- Re: [WEB SECURITY] RE: Blind SQL Injection / Stored procedures Frederic Charpentier (Nov 17)
- RE: Blind SQL Injection / Stored procedures LAROUCHE Francois (Nov 18)
- Re: Blind SQL Injection / Stored procedures ascii (Nov 18)