Re: Table enumeration

["Axel Meerschaert" <axel () scanit be>]

The following example query will give back a list of all tables, the fields
in the tables, and the type of field for the Northwind DB.
This will, of course, only work on MSSQL. (I quickly tested it on MSSQL7)

USE Northwind SELECT sysObjects.name as 'Table', sysColumns.name as 'Field',
sysColumns.xtype as 'FieldType'
  FROM sysObjects, sysColumns
  WHERE sysObjects.id = sysColumns.id and sysObjects.xtype = 'u'

By specifying xtype='u' it only queries user defined tables.

Using SQL injection, you could squeeze it in with a UNION
E.g.

' union select sysObjects.name, sysColumns.name, '', sysColumns.xtype, 1
from sysObjects, sysColumns where sysObjects.id = sysColumns.id and
sysObjects.xtype = 'u

Hope this helps,


Axel Meerschaert
www.scanit.be


----- Original Message -----
From: "Adik" <abdulla () mail auk kg>
To: <pen-test () securityfocus com>
Sent: Friday, February 15, 2002 1:54 AM
Subject: Table enumeration


> Hi all!
> How is it possible to enumerate table names in a database file? I've heard
in
> ms sql server there is system table name called sysobjects which contains
all
> table names. A little help would be really appreciated. Thanks.
> Adik
>
>
> --------------------------------------------------------------------------
--
> This list is provided by the SecurityFocus Security Intelligence Alert
(SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please
see:
> https://alerts.securityfocus.com/


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/