Knowledge shared
From: Brett Moore (brett@softwarecreations.co.nz)
Date: 01/31/02
From: "Brett Moore" <brett@softwarecreations.co.nz>
To: <webappsec@securityfocus.com>, <pen-test@securityfocus.com>
Date: Fri, 1 Feb 2002 00:44:27 +1300
Ok so I have some thoughts. No official format.
1) SQL INJECTION
"SQL injection does not work with stored procedures"...Shakes pear 1654
example:
X = WEB VARIABLE = INTEGER
X = 10
EXEC MY_STOREDPROCEDURE X = EXEC MY_STOREDPROCEDURE 10
~
X = 10;EXEC MASTER..XP_CMDSHELL''
EXEC MY_STOREDPROCEDURE X = 10;EXEC MASTER..XP_CMDSHELL''
2) SQL TIP
SET NOEXEC = Compiles each query but does not execute it.
If 007 knows the field names used in a web page creation then 007 can
obtain information from the second query.
3) http://www.microsoft.com/technet/security/bulletin/MS01-060.asp
Of course any tester that obtains sql injection capabilities on a test site
can abuse this if the test site is not patched.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
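Added example, not part of the original post: item 1 above, worked through in Python from the defender's side, showing the batch the server receives when X is concatenated into the EXEC text and the same call with X type-checked and passed as a bound parameter. The function names are hypothetical, and the '?' placeholder assumes a driver with qmark-style parameter binding.

```python
import re

PROC = "MY_STOREDPROCEDURE"  # procedure name taken from the post

def build_exec_concat(x):
    """Pattern from the post: the web variable is pasted into the batch text."""
    return "EXEC " + PROC + " " + x

def split_batch(batch):
    """Split a batch on ';' outside single-quoted literals.

    Shows what the server receives. Illustration only, not an input filter:
    ';' is not the only way a second statement can start in T-SQL.
    """
    parts, current, in_quote = [], [], False
    for ch in batch:
        if ch == "'":
            in_quote = not in_quote  # '' inside a literal toggles twice
        if ch == ";" and not in_quote:
            parts.append("".join(current).strip())
            current = []
        else:
            current.append(ch)
    parts.append("".join(current).strip())
    return [p for p in parts if p]

def build_exec_bound(x):
    """Enforce the declared type (INTEGER) and return (statement, params).

    The '?' marker assumes a driver with qmark-style binding (e.g. ODBC);
    the value then travels as data, never as batch text.
    """
    if not re.fullmatch(r"[+-]?[0-9]{1,10}", x.strip()):
        raise ValueError("X must be an integer: %r" % x)
    return "EXEC " + PROC + " ?", (int(x),)

if __name__ == "__main__":
    for x in ("10", "10;EXEC MASTER..XP_CMDSHELL''"):  # both values from the post
        print(split_batch(build_exec_concat(x)))
        try:
            print(build_exec_bound(x))
        except ValueError as err:
            print("rejected:", err)
```

The stored procedure itself is unchanged in both cases; the difference is only whether the caller builds the EXEC text from the web variable or hands the value to the driver separately.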