Nmap Development mailing list archives
Re: [NSE] SQL Injection
From: Arturo 'Buanzo' Busleiman <buanzo () buanzo com ar>
Date: Thu, 19 Jul 2007 09:12:38 -0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Eddie Bell wrote:
I've added an experimental SQL Injection script to SVN. It spiders a http server looking for URLs containing queries. It then proceeds to combine crafted SQL commands with susceptible urls in order to obtain errors. The errors are analysed to see if the url is vulnerable to attack
/me gapes in awe - -- Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Federal) Entradas anticipadas a traves de www.futurabanda.com.ar - Punk Rock Melodico -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGn1U1AlpOsGhXcE0RCsurAJ42YBIxHCPve+qGN/NtuF7EDYnoCACeLpAT +CBEztrTzT2zfcmvzL1xGmM= =6Lop -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE] SQL Injection Eddie Bell (Jul 19)
- [NSE] SQL Injection Eddie Bell (Jul 19)
- Re: [NSE] SQL Injection Arturo 'Buanzo' Busleiman (Jul 19)