Penetration Testing mailing list archives
Re: SQL injections and connections to a DB
From: Felipe Balbi <felipebalbi () yahoo com>
Date: Wed, 13 Jul 2005 05:09:10 -0700 (PDT)
I think nikto will serve your purposes. It's a perl script used to test web servers, very effective. Felipe Balbi --- Mike Tupker <mtupker () gmail com> wrote:
We have a IIS web server setup on our DMZ with a connection to our DB server which is running MS SQL server 7. Does anyone know of a program that will check the code in a web page for vulnerabilities such as SQL injections, overflows, or anything else that I might not be aware of? Basically, I would like to know if there is any way for someone to use the server on the DMZ to get to the DB server and cause damage. Thanks in advance, Mike Tupker
[]'s Felipe Balbi Cel: (92) 8127-0839 e-mail: felipebalbi () yahoo com felipebalbi () adarinfo com br "Imagination is more important than knowledge." Albert Einstein __________________________________ Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html
Current thread:
- SQL injections and connections to a DB Mike Tupker (Jul 12)
- Re: SQL injections and connections to a DB Tibor Csonka (Jul 13)
- Re: SQL injections and connections to a DB Felipe Balbi (Jul 13)
- Re: SQL injections and connections to a DB Dean H. Saxe (Jul 15)