Insomnia: Whitepaper - Access Through Access

["Brett Moore" <brett.moore () insomniasec com>]

___________________________________________________________________ 


 Insomnia Security :: Access Through Access 
___________________________________________________________________ 


 Name: Access Through Access 
 Released: 01 May 2008 
 Author: Brett Moore, Insomnia Security 
 Original Link: 
 http://www.insomniasec.com/releases/whitepapers-presentations 
___________________________________________________________________ 

MS Access is commonly thought of as the little brother of Database
engines, and not a lot of material has been published about methods
used for exploiting it during a penetration test. 

The aim of this paper is to bring a lot of disparate information
together into one guide. This paper will outline methods to 
identify different versions of MS Jet, some SQL Injection methods
to use during tests, and some other techniques to access files,
servers, and potentially gain command access. 
___________________________________________________________________ 




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------