Penetration Testing mailing list archives
Re: ASP code testing
From: "Kevin Spett" <kspett () spidynamics com>
Date: Sun, 18 Nov 2001 14:16:44 -0800
Dunno about the buffer overflow question (I've been toying with similar ideas), but it's generally a bad idea for the client to be able to get backend error messages of any kind. Have you checked to see if you can get an ODBC error message? Try adding a single quote or an SQL keyword such as ' OR' to the argument and see if you can pull off an SQL Injection attack. Kevin. ----- Original Message ----- From: "Dan Richardson" <dan.richardson () paradise net nz> To: <pen-test () securityfocus com> Sent: Saturday, November 17, 2001 3:00 PM Subject: ASP code testing
I'm currently testing some ASP code on an e-commerce site. My question is could this be used to execute a buffer overflow exploit? The following URL: http://www.asite.com/show/showsomething.asp?ID=5 Will retrieve a legitmate item from the database. By playing with the number a bit- http://www.asite.com/show/showsomething.asp?ID=32767 Will generate ADODB.Field error '80020009' Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record. But if I bump that number up to 32768 (unsigned integer limit)- Microsoft VBScript runtime error '800a0006' Overflow: 'cint' /show/showsomething.asp, line x Thanks Dan --------------------------------------------------------------------------
--
This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please
see:
https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- ASP code testing Dan Richardson (Nov 18)
- Re: ASP code testing Bojo (Nov 19)
- Re: ASP code testing Kevin Spett (Nov 19)
- RE: ASP code testing Omar Koudsi (Nov 19)
- <Possible follow-ups>
- Re: ASP code testing rudi carell (Nov 19)