mailing list archives
Re: SQL Injection question
From: "Konstantin V. Sahin" <kotc-subscriber () yandex ru>
Date: Fri, 28 May 2004 01:04:34 +0400
SB> Hi All,
SB> I am interested to know (if possible) how to extend an SQL injection attack to
SB> display requested information from the injected query rather than the one coded into the software.
SB> For example performing a successful injection in the following manner:
SB> http://domain.com/script.php?showdata.php=3;select * from table where id=1
SB> would successfully execute injected SQL on the database server and return an error to the caller since the software
SB> was made to process a particular query... not the injected one.
SB> How and is it at all possible to actually view the data corresponding to injected SQL query, being:
SB> select * from table where id=1?
SB> Best Regards,
Read this http://www.imperva.com/application_defense_center/white_papers/blind_sql_server_injection.html
Konstantin mailto:kotc-subscriber () yandex ru