Penetration Testing mailing list archives

Re: ORDER BY sql injection help


From: Trace <bugtrace () gmail com>
Date: Sat, 13 Jun 2009 14:19:25 +0800

http://code.google.com/p/bsqlbf-v2/downloads/list
The new version also supports blind SQL injection in the "order by" and
"group by" clauses.
Try it, please.

On Fri, Jun 12, 2009 at 4:45 AM, <lister () lihim org> wrote:
Requesting assistance.

An application uses GET and one of the parameters translates to an ORDER BY
in an Oracle SQL query.

I can put in 1 through X where X is a column number to order the output up to X columns.

I can also get ORA errors, so I know I have direct access to the SQL query.

I'm looking for references on possible queries for a query with an injectable
ORDER BY clause.  I'm not sure if it is possible to break out of the ORDER BY
to query other data.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


