Comments on: More on True And Error Blind Sql Injection http://www.notsosecure.com/folder2/2009/09/30/more-on-true-and-error-blind-sql-injection/ From Pentesters To Pentesters Sat, 22 Oct 2011 05:42:18 +0100 http://wordpress.org/?v=2.8.4 hourly 1 By: Hemil http://www.notsosecure.com/folder2/2009/09/30/more-on-true-and-error-blind-sql-injection/comment-page-1/#comment-100340 Hemil Mon, 29 Nov 2010 15:57:37 +0000 http://www.notsosecure.com/folder2/?p=275#comment-100340 I am creating a vulnerable application for training and I remember reading article on your site. http://blog.portswigger.net/2008/08/attacking-parameter-names.html I am trying to add parameter name SQL Injection attack in the application. Following is c# code which I wrote - query = "select * from Script where " + name.ToString() + "='" + str + "'"; SqlConnection mycn = new SqlConnection(ConnectionString); SqlCommand mycom = new SqlCommand(query, mycn); mycn.Open(); SqlHelper obj = new SqlHelper(); DataTable dt = obj.ExecuteDataTable(mycom); URL - http://myapp/AcmeTrading/Searchresult.aspx?ScriptName=123 From your paper, I am not sure whether do I need to use some specific attack vector to exploit this. Can you please let me know if there is specific attack vector I need to use? Your help is highly appreciated. Thanks, I am creating a vulnerable application for training and I remember reading article on your site.

http://blog.portswigger.net/2008/08/attacking-parameter-names.html

I am trying to add parameter name SQL Injection attack in the application. Following is c# code which I wrote -

query = “select * from Script where ” + name.ToString() + “=’” + str + “‘”;
SqlConnection mycn = new SqlConnection(ConnectionString);
SqlCommand mycom = new SqlCommand(query, mycn);
mycn.Open();
SqlHelper obj = new SqlHelper();
DataTable dt = obj.ExecuteDataTable(mycom);

URL – http://myapp/AcmeTrading/Searchresult.aspx?ScriptName=123

From your paper, I am not sure whether do I need to use some specific attack vector to exploit this. Can you please let me know if there is specific attack vector I need to use?

Your help is highly appreciated.

Thanks,

]]> By: sid http://www.notsosecure.com/folder2/2009/09/30/more-on-true-and-error-blind-sql-injection/comment-page-1/#comment-90678 sid Wed, 30 Sep 2009 17:04:40 +0000 http://www.notsosecure.com/folder2/?p=275#comment-90678 The RSS setting has been changed. The RSS setting has been changed.

]]> By: palako http://www.notsosecure.com/folder2/2009/09/30/more-on-true-and-error-blind-sql-injection/comment-page-1/#comment-90673 palako Wed, 30 Sep 2009 12:47:14 +0000 http://www.notsosecure.com/folder2/?p=275#comment-90673 For more techniques that apply to this scenario, check the arithmetic blind sql injection section from our presentation at Shmoocon: <blockquote>www.slideshare.net/chemai64/shmoocon-2009-replayingblindsql</blockquote> For more techniques that apply to this scenario, check the arithmetic blind sql injection section from our presentation at Shmoocon:

http://www.slideshare.net/chemai64/shmoocon-2009-replayingblindsql

]]> By: hello http://www.notsosecure.com/folder2/2009/09/30/more-on-true-and-error-blind-sql-injection/comment-page-1/#comment-90663 hello Wed, 30 Sep 2009 09:27:52 +0000 http://www.notsosecure.com/folder2/?p=275#comment-90663 Hi,Sid. Why not let your rss Content display fully? Hi,Sid.
Why not let your rss Content display fully?

]]>