WebApp Sec mailing list archives
RE: [WEB SECURITY] RE: Blind SQL Injection / Stored procedures
From: 김광진 <ezhack () ncsoft net>
Date: Fri, 18 Nov 2005 09:46:14 +0900
SQL Security Checklist http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=24 -----Original Message----- From: Frederic Charpentier [mailto:fcharpen () xmcopartners com] Sent: Friday, November 18, 2005 2:26 AM To: Evans, Arian Cc: LAROUCHE Francois; Andres Molinetti; pen-test () securityfocus com; webappsec () securityfocus com; websecurity () webappsec org Subject: Re: [WEB SECURITY] RE: Blind SQL Injection / Stored procedures hi evans, I saw a good one at :http://www.securitymap.net/sdm/docs/windows/mssql-checklist.html there's a list of stored procedure (not commented) like : sp_sdidebug xp_availablemedia xp_cmdshell xp_deletemail xp_dirtree xp_dropwebtask xp_dsninfo xp_enumdsn xp_enumerrorlogs xp_enumgroups xp_enumqueuedtasks xp_eventlog xp_findnextmsg xp_fixeddrives xp_getfiledetails xp_getnetname xp_grantlogin xp_logevent xp_loginconfig xp_logininfo xp_makewebtask xp_msver xp_perfend xp_perfmonitor xp_perfsample xp_perfstart xp_readerrorlog xp_readmail xp_revokelogin xp_runwebtask xp_schedulersignal xp_sendmail xp_servicecontrol xp_snmp_getstate xp_snmp_raisetrap xp_sprintf xp_sqlinventory xp_sqlregister xp_sqltrace xp_sscanf xp_startmail xp_stopmail xp_subdirs xp_unc_to_drive Xp_regaddmultistring Xp_regdeletekey Xp_regdeletevalue Xp_regenumvalues Xp_regread Xp_regremovemultistring Xp_regwrite Sp_OACreate Sp_OADestroy Sp_OAGetErrorInfo Sp_OAGetProperty Sp_OAMethod Sp_OASetProperty Sp_OAStop Evans, Arian wrote:
Fancois, nice explanation,-----Original Message----- From: LAROUCHE Francois [mailto:Francois.Larouche () accorservices com] Sent: Thursday, November 17, 2005 8:59 AM[...]d) If you still can't well sorry... I think there is no other way except those already mentioned by the others (by the way to execute xp_makewebtask you need to have high user privileges something you are obviously not)Has anyone published a complete list/table of MSSQL (and other DB) stored procs/pls on the web, and what the default privs to them are? I've made one but I'm not sure yet if I'm allowed to publish it. This would be a nice handy sql-injection reference table for people who are new to SQLi with stored procs, or just have a bad memory/aren't very smart [me]. -ae --------------------------------------------------------------------- The Web Security Mailing List http://www.webappsec.org/lists/websecurity/ The Web Security Mailing List Archives http://www.webappsec.org/lists/websecurity/archive/
-- Frederic Charpentier - Xmco Partners Security Consulting / Pentest web : http://www.xmcopartners.com/tests-intrusion.html --------------------------------------------------------------------- The Web Security Mailing List http://www.webappsec.org/lists/websecurity/ The Web Security Mailing List Archives http://www.webappsec.org/lists/websecurity/archive/
Current thread:
- RE: [WEB SECURITY] RE: Blind SQL Injection / Stored procedures 김광진 (Nov 17)
- <Possible follow-ups>
- RE: [WEB SECURITY] RE: Blind SQL Injection / Stored procedures ALLAIN Yann (Nov 18)