|
Full Disclosure
mailing list archives
Re: SFX-SQLi: A new SQL injection technique for SQL Server (dumps a table in one request!)
From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Sat, 07 Feb 2009 22:10:59 -0600
--On February 7, 2009 10:02:21 AM -0600 Daniel Kachakil
<dani () kachakil com> wrote:
I have written a paper describing how the technique works and in which
fundamentals it is based, and I have also developed a tool which
implements
this technique as a proof of concept (with the source code included).
You can get them through this URL:
http://www.kachakil.com/papers/SFX-SQLi-en.htm
Having read your paper, I'm a bit confused about what you think the "new
SQL injection technique" is that you've discovered. I understand you have
determined a way to *extract* data in a more compact and efficient format,
but I didn't see any new *injection* technique. IOW, the FOR XML
construct isn't going to assist you in obtaining the data - only in
obtaining it more efficiently.
Did I miss something?
Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying
Attachment:
_bin
Description:
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
