answering my own question on DB2 sql injection

[fr0stman <fr0stman () sun-tzu-security net>]

Ok I found out how the concat function is working and how to make it
useful in mining data. I will put together a write up on how it worked
in my test environment and post it to the list. Thanks to all who
replied.BTW this works just fine in mining data from MSSQL databases
where detailed error messages have been turned off as well. Just the
concat statement is formatted a little differently.


-- 


-- fr0stman --

Victorious warriors win first and then go to war, while defeated
warriors go to war first and then seek to win.

Sun-tzu, The Art of War. Strategic Assessments