Penetration Testing mailing list archives
Re: how to exploit SQL INJECTION?
From: Pablo Fernández <newsclient () teamq info>
Date: Wed, 22 Jun 2005 00:22:29 +0200
Well, exploiting a vulnerable SQL Injection site is very easy, you can do it directly from your browser (even with dillo, links, wget, axel!) (altough a PERL script is much more confortable). If nessus told you you have some script vulnerable you can exploit them hitting with your browser a URL such as http://<LAN_SERVER_IP>/resources/expand_subject.asp?id='UNION' That's assuming the script vulnerable is reachable directly using the LAN IP of the server, if you are using vhost in the HTTP server you should use it in the previous URL. I hope this is clear enough, I could have written this message in spanish, which I guess is your mother tongue, English used for the mailing's list sake. Saludos y suerte, Pablo Fernández
--- Begin Message --- From: Pablo Escobar <slackware77 () gmail com>
Date: Wed, 22 Jun 2005 00:06:05 +0300
Hello people, I made in my network website server with SQL with vulnerabilities to learn how to exploit it, I searched in google and i tried but dont work, the report of the nessus is: The following URLs seem to be vulnerable to various SQL injection techniques : /resources/expand_subject.asp?id='UNION' /resources/expand_subject.asp?id='UNION' /resources/expand_subject.asp?id='UNION' /resources/expand_subject.asp?id=' /resources/expand_subject.asp?id=' /resources/expand_subject.asp?id=' /resources/expand_subject.asp?id='%22 /resources/expand_subject.asp?id='%22 /resources/expand_subject.asp?id='%22 /resources/expand_subject.asp?id=9%2c+9%2c+9 /resources/expand_subject.asp?id=9%2c+9%2c+9 /resources/expand_subject.asp?id=9%2c+9%2c+9 /resources/expand_subject.asp?id='bad_bad_value /resources/expand_subject.asp?id='bad_bad_value /resources/expand_subject.asp?id='bad_bad_value /resources/expand_subject.asp?id=bad_bad_value' /resources/expand_subject.asp?id=bad_bad_value' /resources/expand_subject.asp?id=bad_bad_value' /resources/expand_subject.asp?id='+OR+' /resources/expand_subject.asp?id='+OR+' /resources/expand_subject.asp?id='+OR+' /resources/expand_subject.asp?id='WHERE /resources/expand_subject.asp?id='WHERE /resources/expand_subject.asp?id='WHERE /resources/expand_subject.asp?id=%3B /resources/expand_subject.asp?id=%3B /resources/expand_subject.asp?id=%3B /resources/expand_subject.asp?id='OR /resources/expand_subject.asp?id='OR /resources/expand_subject.asp?id='OR /resources/expand_subject.asp?id=' or 1=1-- /resources/expand_subject.asp?id=' or 1=1-- /resources/expand_subject.asp?id=' or 1=1-- /resources/expand_subject.asp?id= or 1=1-- /resources/expand_subject.asp?id= or 1=1-- /resources/expand_subject.asp?id= or 1=1-- /resources/expand_subject.asp?id=' or 'a'='a /resources/expand_subject.asp?id=' or 'a'='a /resources/expand_subject.asp?id=' or 'a'='a /resources/expand_subject.asp?id=') or ('a'='a /resources/expand_subject.asp?id=') or ('a'='a /resources/expand_subject.asp?id=') or ('a'='a now,how can I exploit it?,somebody can guide me plz?,thank u very much,good luck.
--- End Message ---
Current thread:
- how to exploit SQL INJECTION? Pablo Escobar (Jun 21)
- Re: how to exploit SQL INJECTION? David Eduardo Acosta Rodríguez (Jun 21)
- RE: how to exploit SQL INJECTION? Victor Chapela (Jun 21)
- Re: how to exploit SQL INJECTION? Steve Friedl (Jun 21)
- Re: how to exploit SQL INJECTION? Pablo Fernández (Jun 21)
- Re: how to exploit SQL INJECTION? Sugiowono (Jun 21)
- RE: how to exploit SQL INJECTION? Leandro Reox (Jun 21)
- Re: how to exploit SQL INJECTION? Christian Martorella (Jun 22)
- <Possible follow-ups>
- Re: how to exploit SQL INJECTION? kashmira . phalak (Jun 21)