|
Penetration Testing
mailing list archives
Insomnia: Whitepaper - Access Through Access
From: "Brett Moore" <brett.moore () insomniasec com>
Date: Thu, 1 May 2008 12:18:02 +1200
___________________________________________________________________
Insomnia Security :: Access Through Access
___________________________________________________________________
Name: Access Through Access
Released: 01 May 2008
Author: Brett Moore, Insomnia Security
Original Link:
http://www.insomniasec.com/releases/whitepapers-presentations
___________________________________________________________________
MS Access is commonly thought of as the little brother of Database
engines, and not a lot of material has been published about methods
used for exploiting it during a penetration test.
The aim of this paper is to bring a lot of disparate information
together into one guide. This paper will outline methods to
identify different versions of MS Jet, some SQL Injection methods
to use during tests, and some other techniques to access files,
servers, and potentially gain command access.
___________________________________________________________________
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- Insomnia: Whitepaper - Access Through Access Brett Moore (Apr 30)
|
Intro
