The simplest way would be query each of the tables whose names are returned from the first query, something like this:
SELECT TOP 1 * FROM <TABLE_NAME>
This will return a single row and column names.
-----
Kve�ja/Regards
Eirikur Eiriksson
�ryggisstj�ri / CISO
S�minn / Iceland Telecom
[EMAIL PROTECTED] wrote on 19.03.2005 20:23:17:
> I am conducting a pen-test on a web app that is vulnerable to SQL
> injection. The backend database is MS access.....
>
> i have managed to get a list of table names using something like the
> following:
> select Name, from MSysObjects
> where Type=1
> and Name not like "MSys*";
> However, I am struggling to find a way to gather a list of column
> names from each table which
> would allow me to read any data from the database......
> None of the sql injection papers / tutorials seem to have much to
> say about Access databases...
> Anybody got any ideas?
> Thanks in advance...
> [EMAIL PROTECTED]
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
