|
WebApp Sec
mailing list archives
Re: Blind SQL Injection / Stored procedures
From: "Adam Tuliper" <amt () gecko-software com>
Date: Tue, 15 Nov 2005 18:38:48 -0500
Results will come back just like any other regular query.
----- Original Message -----
From: "Andres Molinetti" <andymolinetti () hotmail com>
To: <pen-test () securityfocus com>
Cc: <websecurity () webappsec org>; <webappsec () securityfocus com>
Sent: Tuesday, November 15, 2005 1:40 PM
Subject: Blind SQL Injection / Stored procedures
Hi List,
I am currently testing a clients Web Site. I have found that it is
vulnerable to Blind SQL Injection, so I have been able to enumerate
tables, columns, etc. It interact with an SQL Server 2000 SP3.
The problem is that, despite I was able to enumerate tables and columns
(through base..syscolumns) I am not able to access any data of those
tables.
I think this can be happening because the priviledges are assigned to
stored procedures, and not directly to users, which is a good practice.
Then my problem is how can I use an stored procedure to get some data? I
think I am able to run, but how can I do to get its results?
I know that there is an xp_makewebtask which lets me write sql queries to
a file, but as the sql server resides in a different machine that the web
server, I cannot get those files.
Thanks in advance,
Andy
_________________________________________________________________
Dale rienda suelta a tu tiempo libre. Encuentra mil ideas para exprimir tu
ocio con MSN Entretenimiento. http://entretenimiento.msn.es/
 By Date 
By Thread
Current thread:
|
Intro
