Re: MS Access SQL injection column enumeration

[Felikz <securityfocus () felikz net>]

You can simply read all the data from the table using "SELECT * FROM 
tablename;". This won't give you the column names but you will have all 
the data.

MySQL has a "DESCRIBE" function (as in "DESCRIBE tablename"), perhaps 
Access has a similar function ???


RaMatkal x2 wrote:

> I am conducting a pen-test on a web app that is vulnerable to SQL 
> injection. The backend database is MS access.....
>
> i have managed to get a list of table names using something like the 
> following:
>
> select Name, from MSysObjects
> where Type=1
> and Name not like "MSys*";
>
> However, I am struggling to find a way to gather a list of column 
> names from each table which
> would allow me to read any data from the database......
> None of the sql injection papers / tutorials seem to have much to say 
> about Access databases...
>
> Anybody got any ideas?
>
> Thanks in advance...
> ramatkal () hotmail com
>
> _________________________________________________________________
> FREE pop-up blocking with the new MSN Toolbar – get it now! 
> http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/