Home page logo

webappsec logo WebApp Sec mailing list archives

Re: SQL Injection question
From: "Konstantin V. Sahin" <kotc-subscriber () yandex ru>
Date: Fri, 28 May 2004 01:04:34 +0400

Hello, Serg.

SB> Hi All,
SB> I am interested to know (if possible) how to extend an SQL injection attack to
SB> display requested information from the injected query rather then the one coded into the software.
SB> For example performing a successful injection in the following manner:
SB> Normal:
SB> http://domain.com/script.php?showdata.php=3
SB> Attack:
SB> http://domain.com/script.php?showdata.php=3;select * from table where id=1
SB> would successfuly execute injected SQL on the datrabase server and return an error to the caller since the software 
was made to process a particular query... not injected one.
SB> How and is it at all possible to actually view the data corresponding to injected SQL query, being:
SB> select * from table where id=1?
SB>    Best Regards,
SB>       Serg

Read this http://www.imperva.com/application_defense_center/white_papers/blind_sql_server_injection.html

Best regards,
 Konstantin                          mailto:kotc-subscriber () yandex ru

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]