On Tue, 7 Jan 2003 17:29:55 -0800 "Joe Luna" <[EMAIL PROTECTED]> wrote:
> the username/password which I'm assuming is some sort of administrative > account. > What I'm not sure of is the type of database or even how to connect > using the credentials gained from the conf file. > Any pointers? .. this tells you that they are using a postgreSql database. if you dont have a local account, postgresql might help you to get one. if you can find a single sql-injections flaw (http://www.owasp.org/asac/input_validation/sql.shtml) postgresql will supply you with anything you need. it supports multiple statements (1st'; your query; aso.) Mei [EMAIL PROTECTED] http://www.websec.org ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
