Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: Send output to file in SQL

Re: Send output to file in SQL

From: Alex S. Harasic <aharasic_at_terra.cl>
Date: Thu, 21 Mar 2002 08:31:24 -0400

Actually, the main idea of my posting was to create a file using sql
commands but as a SQL Injection thing. But it seems to be that the only way
to go is using either xp_cmdshell or makewebtasks extended procedures...

Alex S. Harasic
aharasic_at_terra.cl

----- Original Message -----
From: "Jonah Kowall" <jkowall_at_psteering.com>
To: "Alex Harasic" <aharasic_at_terra.cl>; <pen-test_at_securityfocus.com>
Sent: Friday, March 15, 2002 2:36 PM
Subject: RE: Send output to file in SQL

Are you running mssql 2000 or an earlier version? If you are running
2k, then you may be able to use the sp_makewebtask stored procedure.

Or you can run isql from the command line:

If you want the output to a .txt file just use isql at a cmd prompt
(%MSSQLPATH%\binn\isql > c:\mssql\binn\isql) with the parameter -o for
outputfile and use -q for the query or -i for inputfile (if you got
several statements).

c:\mssql\binn\isql -Usa -P -ddb1 -Sserv1 -i in.sql -o out.txt
where: -Usa > user, -P > password, -ddb1 > your database, -i in.sql >
your input file, -o out.txt > your output file.

> -----Original Message-----
> From: Alex Harasic [mailto:aharasic_at_terra.cl]
> Sent: Wednesday, March 13, 2002 12:05 PM
> To: pen-test_at_securityfocus.com
> Subject: Send output to file in SQL
>
>
>
>
> Hi, I've been looking around for ways to send output
>
> to a file in a sql query. I know there is one for mySQL
>
> but not for msSQL.
>
>
>
> Anyone knows a way to send the output in a query
>
> without using extended procedures?
>
>
>
>
>
> Alex S. Harasic
>
> aharasic_at_terra.cl
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA) Service. For more information on
> SecurityFocus' SIA service which automatically alerts you to
> the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Mar 21 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]