Full Disclosure mailing list archives
Re: SFX-SQLi: A new SQL injection technique for SQL Server (dumps a table in one request!)
From: seclists <seclists () 126 com>
Date: Sun, 8 Feb 2009 00:42:57 +0800 (CST)
The Chinese version MSSQL Injection FOR MSSQL 2005 & 2008 can be found at http://www.pcsec.org/archives/SFX-SQLi-A-new-SQL-injection-technique-for-MSSQL-dumps-a-table-in-one-request.html 在2009-02-08?00:02:21,"Daniel?Kachakil"?<dani () kachakil com>?写道:
Hi, I?am?glad?to?release?SFX-SQLi?(Select?For?XML?SQL?injection),?a?new?SQL? injection?technique?which?allows?to?extract?the?whole?information?of?a? Microsoft?SQL?Server?2005/2008?database?in?an?extremely?fast?and?efficient? way. This?technique?is?based?on?the?FOR?XML?clause,?which?is?able?to?convert?the? content?of?a?table?into?a?single?string,?so?its?contents?could?be?appended? to?some?field?injecting?a?subquery?into?a?vulnerable?input?of?a?web? application.?In?most?cases,?this?method?can?dump?all?the?contents?of?any? table?using?only?ONE?REQUEST?to?the?web?server,?without?the?need?of?any? special?permission?on?the?DBMS. I?have?written?a?paper?describing?how?the?technique?works?and?in?which? fundamentals?it?is?based,?and?I?have?also?developed?a?tool?which?implements? this?technique?as?a?proof?of?concept?(with?the?source?code?included). You?can?get?them?through?this?URL: http://www.kachakil.com/papers/SFX-SQLi-en.htm Regards, ??Daniel?Kachakil? _______________________________________________ Full-Disclosure?-?We?believe?in?it. Charter:?http://lists.grok.org.uk/full-disclosure-charter.html Hosted?and?sponsored?by?Secunia?-?http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- SFX-SQLi: A new SQL injection technique for SQL Server (dumps a table in one request!) Daniel Kachakil (Feb 07)
- Re: SFX-SQLi: A new SQL injection technique for SQL Server (dumps a table in one request!) seclists (Feb 07)
- Re: SFX-SQLi: A new SQL injection technique for SQL Server (dumps a table in one request!) Paul Schmehl (Feb 07)
- Re: SFX-SQLi: A new SQL injection technique for SQL Server (dumps a table in one request!) Daniel Kachakil (Feb 08)