P.s. http://support.microsoft.com/kb/240872
This is a classic permission error. I am more than keen to see how Havij
does this. Waiting for your reply
Kind regards,
Miroslav Stampar
On Feb 22, 2012 7:38 AM, "Miroslav Stampar"
wrote:
> Hi.
>
> As there is no DBUSERNAME in the request I would say
Hi.
As there is no DBUSERNAME in the request I would say that the request is
not the problem here. Now, I am interested how Havij manages it though.
Is there a way for you to provide me privately with either: target url or
untouched traffic file together with Burp log for Havij run against that
t
DBUSERNAME = database user nameDATABASENAME = name of the current database
let me know if this is not helpful or if you need the snippet of html (which is
just the hopepage)
HTTP request [#1]:POST /index.asp?action=auth HTTP/1.1Accept-Encoding:
identityAccept-charset: ISO-8859-15,utf-8;q=0.7,*;q
Hi.
What technique has been used and could you please send traffic file (-t
traffic.txt --fresh-queries)?
Kind regards,
Miroslav Stampar
On Feb 21, 2012 9:37 PM, "John Booth" wrote:
> Hello,
>
> First some background information
>
> 1. Havij was able to enumerate databases, tables, columns & d
