Penetration Testing mailing list archives

RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services

From: "DUBRAWSKY, IDO (CALLISMA)" <id3878 () sbc com>
Date: Thu, 9 Jun 2005 10:47:28 -0500

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As a quick follow-up to my earlier post, the MITM attack assumes that
you are either on the local LAN with the device or have access to a
system that is on the local LAN of the SQL server.  Sorry...should
have
made that clearer.

Ido
- --
Ido Dubrawsky, CISSP
Senior Security Consultant
SBC/Callisma
(571) 633-9500 (Office)
(202) 213-9029 (Mobile)

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBQqhkkGmsDscGuNcHEQKBTgCfXs2+1X8iL91NF9SjBfJ6dWrflvYAoIsn
ZENMnrEWNW95ry0PqRp3a1Ch
=3yWH
-----END PGP SIGNATURE-----

Current thread:

RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services, (continued)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Erik Pace Birkholz (Jun 09)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services DUBRAWSKY, IDO (CALLISMA) (Jun 09)
  - Message not available
    - SQL injection Faisal Khan (Jun 09)
    - Re: SQL injection Joel Esler (Jun 09)
    - Re: SQL injection ilaiy (Jun 09)
    - Re: SQL injection Christian Martorella (Jun 09)
    - Re: SQL injection Richard Barrell (Jun 09)
    - Re: SQL injection Faisal Khan (Jun 09)
    - Re: SQL injection Matt Davis (Jun 09)
    - RE: SQL injection Aric Perminter (Jun 09)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services DUBRAWSKY, IDO (CALLISMA) (Jun 09)