Penetration Testing mailing list archives
Re: custom xp_cmdshell on SQL Server
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Fri, 15 Sep 2006 11:35:32 +0200
Andy Lester wrote:
Hello list, I am pen-testing a web app that is vulnerable to SQL Injection. The queries to the backend DB are done with a non-privileged user, but using OPENROWSET and inference-based injection I have been able to find the sa password and escalate privileges.
Did you have a look at SQL Ninja? http://sqlninja.sourceforge.net/ It's a handy tool when you deal with SQL Server.

Stefano