Penetration Testing mailing list archives

Re: SQL injections and connections to a DB

From: "Tibor Csonka" <rawbite () gmail com>
Date: Wed, 13 Jul 2005 09:56:42 +0300

You can use acunetix web vulnerability scanner (www.acunetix.com) ...

regards

----- Original Message -----From: "Mike Tupker" <mtupker () gmail com>

To: <pen-test () securityfocus com>
Sent: Wednesday, July 13, 2005 12:40 AM
Subject: SQL injections and connections to a DB

We have a IIS web server setup on our DMZ with a connection to our DB
server which is running MS SQL server 7. Does anyone know of a program
that will check the code in a web page for vulnerabilities such as SQL
injections, overflows, or anything else that I might not be aware of?
Basically, I would like to know if there is any way for someone to use
the server on the DMZ to get to the DB server and cause damage.

Thanks in advance,

Mike Tupker

Current thread:

SQL injections and connections to a DB Mike Tupker (Jul 12)
- Re: SQL injections and connections to a DB Tibor Csonka (Jul 13)
- Re: SQL injections and connections to a DB Felipe Balbi (Jul 13)
  - Re: SQL injections and connections to a DB Dean H. Saxe (Jul 15)