SQL Injection question
From: Serg Belokamen <serg () dodo com ai>
Date: Thu, 27 May 2004 01:49:45 +1000
I am interested to know (if possible) how to extend an SQL injection attack to
display requested information from the injected query rather than the one coded into the software.
For example performing a successful injection in the following manner:
http://domain.com/script.php?showdata.php=3;select * from table where id=1
would successfully execute injected SQL on the database server and return an error to the caller since the software was
made to process a particular query... not the injected one.
How and is it at all possible to actually view the data corresponding to injected SQL query, being:
select * from table where id=1?