Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] SQL Injection
From: Arturo 'Buanzo' Busleiman <buanzo () buanzo com ar>
Date: Thu, 19 Jul 2007 09:12:38 -0300
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Eddie Bell wrote:

I've added an experimental SQL Injection script to SVN. It spiders a
http server looking for URLs containing queries. It then proceeds to
combine crafted SQL commands with susceptible urls in order to obtain
errors. The errors are analysed to see if the url is vulnerable to
attack


/me gapes in awe

- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Federal)
Entradas anticipadas a traves de www.futurabanda.com.ar - Punk Rock Melodico


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGn1U1AlpOsGhXcE0RCsurAJ42YBIxHCPve+qGN/NtuF7EDYnoCACeLpAT
+CBEztrTzT2zfcmvzL1xGmM=
=6Lop
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]