Dailydave mailing list archives
RE: MS Access SQL injection
From: "Thomas Quinlan" <tquinlan () capitaliq com>
Date: Mon, 21 Mar 2005 08:43:55 -0500
In MySQL, it's "DESCRIBE tablename"... don't know if that'll be of any help. -----Original Message----- From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of RaMatkal Sent: Monday, March 21, 2005 8:11 AM To: Peter Busser; dailydave () lists immunitysec com Subject: Re: [Dailydave] MS Access SQL injection
select * from table limit 0; might work. it does for postgresql.Clarification... it does from the psql user-space client. -- Andy --Thanks for the info but doesn't seem to work from access....Instead of limit 0, you could try: select * from table where 1=0 Groetjes, Peter.
Thanks.....tried it but does not returna any column names.... just returns a blank recordset as one would expect? ramatkal () hotmail com _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- MS Access SQL injection RaMatkal (Mar 21)
- Re: MS Access SQL injection Andy Norman (Mar 21)
- Re: MS Access SQL injection Andy Norman (Mar 21)
- Re: MS Access SQL injection RaMatkal (Mar 21)
- Re: MS Access SQL injection Peter Busser (Mar 21)
- Re: MS Access SQL injection RaMatkal (Mar 21)
- Re: MS Access SQL injection Andy Norman (Mar 21)
- Re: MS Access SQL injection Andy Norman (Mar 21)
- <Possible follow-ups>
- RE: MS Access SQL injection Thomas Quinlan (Mar 21)
- RE: MS Access SQL injection Matt Fisher (Mar 21)