[Full-disclosure] SQL Injection + Stored Procedures

From: "Andres Molinetti" <andymolinetti@xxxxxxxxxxx>
Date: Tue, 31 Oct 2006 20:25:33 +0000

HI,

Does anyone know how to get the body of a stored procedure in MS SQL
Server through a SELECT statement?

In other words, are the Stored Procedures bodies saved in any accesible
system table?

Cheers,

Andy.

_________________________________________________________________
Grandes éxitos, superhéroes, imitaciones, cine y TV...
http://es.msn.kiwee.com/ Lo mejor para tu móvil.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution
Next by Date: Re: [Full-disclosure] unreliable vulnerability reports en-masee [was:Re: vulnerability in Symantec products]
Previous by thread: [Full-disclosure] [SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution
Next by thread: Re: [Full-disclosure] SQL Injection + Stored Procedures
Index(es):
- Date
- Thread

Relevant Pages

Re: Problem using SP as record source with Access2002 & SQL Server 7
... I've installed a brand new copy of SQL Server 2000 with the original ... I've created the folowing stored procedure for the resync ... Resync Command: ALL_CUSTOMERS_RESYNC? ... I need to upgrade to a newer version of Microsoft SQL ...
(microsoft.public.access.adp.sqlserver)
Re: Creating a database
... Please do yourself a favor, find a local user group, or buy a beginning book on SQL Server or take a class, you will save yourself a great deal of pain in the long run. ... CREATE DATABASE Products ... I can create a stored procedure from within the Server Explorer and from ...
(microsoft.public.dotnet.framework.adonet)
Re: SQL/ADO (2.8) Timeout Error - Cant resolve
... > Server 2000 back end. ... > timeout limit. ... And I’ve used SQL Query Analyzer to run the ... I am running a stored procedure that will backup a SQL Server ...
(microsoft.public.sqlserver.clients)
Re: Breakpoints in T-SQL not hit from VS 2005 with SQL 2005
... Open stored procedure in server explorer and set breakpoint ... Run the procedure from SQL Server Management Studio ... SQL Server 2005 Developer Edition installed on local PC. ... I created a windows project and called stored procedure using ...
(microsoft.public.vsnet.debugging)
RE: Stored procedure / .NET woes
... Check the available network protocols on both the server and the client (web ... using the SQL client and server network tools. ... > Strangely enough running the same stored procedure through the SQL ...
(microsoft.public.dotnet.framework.adonet)