Re: SQL Cracking.....
From: Peter A. Schott (pschott@drivefinancial.com)
Date: 02/18/03
- Next message: Steve Thompson: "Re: SQL 2K SP3 Error: Could Not Generate SSPI Context"
- Previous message: James Kita: "SQL 2K SP3 Error: Could Not Generate SSPI Context"
- In reply to: Denny: "Re: SQL Cracking....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Peter A. Schott <pschott@drivefinancial.com> Date: Tue, 18 Feb 2003 10:04:44 -0600
Can you use SQL Injection anywhere? :-) You can do ALL sorts of fun things
if the program's running under 'sa' and allows those wonderful dynamic queries
to filter through.
-Pete
"Denny" <mrdenny@gamespy.com> wrote:
> Remotly dump a sql script on the c drive (ports 135 and 139) then use at (or
> soon, or now from Resource Kit) to run osql and run the script that you just
> put there, or run a command line query with the -Q command. I'd recommend
> simumlating something nasty like dropping the db, or truncateing a table.
>
> Hope that works for you.
- Next message: Steve Thompson: "Re: SQL 2K SP3 Error: Could Not Generate SSPI Context"
- Previous message: James Kita: "SQL 2K SP3 Error: Could Not Generate SSPI Context"
- In reply to: Denny: "Re: SQL Cracking....."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
