Home page logo
/

webappsec logo WebApp Sec mailing list archives

SQL Injection question
From: Serg Belokamen <serg () dodo com ai>
Date: Thu, 27 May 2004 01:49:45 +1000

Hi All, 

I am interested to know (if possible) how to extend an SQL injection attack to
display requested information from the injected query rather then the one coded into the software.

For example performing a successful injection in the following manner:

Normal:
http://domain.com/script.php?showdata.php=3

Attack:
http://domain.com/script.php?showdata.php=3;select * from table where id=1

would successfuly execute injected SQL on the datrabase server and return an error to the caller since the software was 
made to process a particular query... not injected one.

How and is it at all possible to actually view the data corresponding to injected SQL query, being:

select * from table where id=1?

   Best Regards,
      Serg


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]