On Wed, Feb 14, 2007 at 09:39:41PM +0000, Datdamwuf Datdamwuf wrote:

> Nessus gave me a hit on callbook, port 2000 for Blind SQL Injection but
> the report (someone else ran it) did not have the plugin ID and my
> searches on the plugins were not successful.

Could it have been plugin #11139, sql_injection.nasl?

> The link in the vuln was somewhat helpful but I wondered if anyone has a
> good resource(s) for more info on this vuln and also if anyone can
> recommend a good open source tool to test Blind SQL injection?

cgisecurity.com recently published an interview with sullo, author of
nikto:

http://www.cgisecurity.com/interviews/nikto.shtml

When the topic of blind SQL injection came up, Sullo said things are
pretty "rough" in the area still.

George