Penetration Testing mailing list archives

Re: MS SQL, find list of tables

From: Cedric Foll <cedric.foll () ac-rouen fr>
Date: Tue, 27 Sep 2005 17:10:04 +0200

Cedric Foll a écrit :

Hi,

I'm doing a pen test on a IIS/MS SQL box and find a SQL Injection on it
which permit to execute some SQL command on it.


Sorry did a mistake. It's a MS Access database behind.
BTW, is it possible to list tables ?
Which tables or procedure are by default in a MS Access databases ?

Regards.

-- 
Cedric Foll
Ingénieur Sécurité & Réseaux
Division Informatique, Rectorat de Rouen

"More people are killed every year by pigs than by sharks,
which shows you how good we are at evaluating risk."
Bruce Schneier

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

MS SQL, find list of tables Cedric Foll (Sep 27)
- Re: MS SQL, find list of tables Cedric Foll (Sep 28)
- RE: MS SQL, find list of tables Ofer Maor (Sep 28)
- Re: MS SQL, find list of tables Jon DeShirley (Sep 28)
- Re: MS SQL, find list of tables Bernhard Mueller (Sep 28)
- <Possible follow-ups>
- RE: MS SQL, find list of tables BHAI JAINUDDINBHAI, TRUNKWALA KUTBUDDIN (TRUNKWALA KUTBUDDIN)** CTR ** (Sep 28)
- RE: MS SQL, find list of tables Velasco Herrero, Jose Antonio (Sep 28)
- RE: MS SQL, find list of tables LAROUCHE Francois (Sep 29)