Penetration Testing mailing list archives
Re: SQL injection
From: SQL injector <sql_injector () yahoo com>
Date: Wed, 10 Apr 2002 18:22:43 -0700 (PDT)
That is the statement I assumed. I still receive a syntax error. It seems to me it is due to a strange join (thanks beth). I wanted to post to see if anyone had any advanced ideas on syntax.... Also I read the ngssoftware paper. I really enjoyed it. There is another paper I found by Kevin Spett @ SPI Dynamics that is good as well. S_I --- alex () geoquark com wrote:
From the following: vulnerable.asp?g=1; Error Type: Microsoft OLE DB Provider for ODBC Drivers (0x80040E14) [Microsoft][ODBC SQL Server Driver][SQL Server]Incorrect syntax near the keyword 'order'. you can assume that the sql statement is of the form: (nice and generic) select A from B where C order by D you are inseting into C in this example. what you need to do is provide something like: g=1; select * from sysobjects-- note the single line comment at the end (--), this is necessary to prevent the "order" clause being executed out of context in our inserted query. There were some good papers on this... can only remember www.ngssoftware.com off the top of my head.
__________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Re: SQL injection SQL injector (Apr 12)