Penetration Testing mailing list archives

Re: SQL Injection - Waitfor delay

From: "Robin Wood" <dninja () gmail com>
Date: Fri, 17 Oct 2008 00:05:53 +0100

2008/10/13 xelerated <xelerated () gmail com>:

Hi all,
I am trying to find more information about a SQL Injection using
"waitfor delay".

The talk by Joseph McCray at this years Toorcon about using blind sql
injection for downloading files was very impressive. Basically
grabbing files one byte at a time.

When the videos come out it is definitely worth watching.

Robin

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

SQL Injection - Waitfor delay xelerated (Oct 13)
- Re: SQL Injection - Waitfor delay rajat swarup (Oct 13)
- Re: SQL Injection - Waitfor delay Krugger (Oct 14)
- Re: SQL Injection - Waitfor delay p1g (Oct 16)
  - Re: SQL Injection - Waitfor delay Anthony Cicalla (Oct 16)
  - Re: SQL Injection - Waitfor delay Haroon Meer (Oct 16)
    - Re: SQL Injection - Waitfor delay xelerated (Oct 16)
- Re: SQL Injection - Waitfor delay Robin Wood (Oct 16)
- <Possible follow-ups>
- Re: SQL Injection - Waitfor delay Parity (Oct 14)
  - Re: SQL Injection - Waitfor delay Anthony Cicalla (Oct 15)