WebApp Sec mailing list archives

Re: Paper of insecure in PHP... and doubt in SQL-Injection

From: "Jason Stout" <jasonstout () ringzerosecurity com>
Date: Thu, 20 Feb 2003 09:50:51 -0800 (PST)

Good paper: http://www.securereality.com.au/studyinscarlet.txt

Error codes:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adoce31/html/ado30ref_103.asp

Regards,
Jason Stout

On Thu, 20 Feb 2003, sekure () hadrion com br wrote:


Hi,

I'm searching a good paper or collection of papers that describe
problems of PHP with real examples and eploitations. Like
SQL-Injection, danger funcionts, buffer overflow, ...

ps.: I want read, understand and test it. hehehe :)

Where find this papers ??

Someone have links that i can access ? :)

A little doubt about SQL-Injections... Why some sites and Visual Basic
applications gave-me this error when i try a SQL-Injection in it:

Microsoft OLE DB Provider for ODBC Drivers error '80040e21' 

ODBC driver does not support the requested properties. 

/procura_resp.asp, line 121 


This error was caused by insert a ' or '1 under a search form. :)

Why ?? A different provider ?? Security checks ?? How to bypass this
problem of provider ??

Thkz a lot.

Best Regards.

[ ]'s

Current thread:

Paper of insecure in PHP... and doubt in SQL-Injection sekure (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection Kevin Spett (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection Emanuele Rocca (Feb 20)
- <Possible follow-ups>
- Re: Paper of insecure in PHP... and doubt in SQL-Injection zeno (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection Jason Stout (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection bloodk (Feb 21)