Is Interesentin for w3af. ;)
--
Ulises U. Cuñé
Web: http://www.ulises2k.com.ar
---------- Forwarded message ----------
From: Daniel Kachakil <d...@kachakil.com>
Date: Fri, Feb 6, 2009 at 10:10
Subject: SFX-SQLi: A new SQL injection technique for MSSQL (dumps a table in
one request!)
To: bugt...@securityfocus.com
Hi,
I am glad to release SFX-SQLi (Select For XML SQL injection), a new SQL
injection technique which allows to extract the whole information of a
Microsoft SQL Server 2005/2008 database in an extremely fast and efficient
way.
This technique is based on the FOR XML clause, which is able to convert the
content of a table into a single string, so its contents could be appended
to some field injecting a subquery into a vulnerable input of a web
application. In most cases, this method can dump all the contents of any
table using only ONE REQUEST to the web server, without the need of any
special permission on the DBMS.
I have written a paper describing how the technique works and in which
fundamentals it is based, and I have also developed a tool which implements
this technique as a proof of concept (with the source code included).
You can get them through this URL:
http://www.kachakil.com/papers/SFX-SQLi-en.htm
Regards,
Daniel Kachakil
------------------------------------------------------------------------------
Create and Deploy Rich Internet Apps outside the browser with Adobe(R)AIR(TM)
software. With Adobe AIR, Ajax developers can use existing skills and code to
build responsive, highly engaging applications that combine the power of local
resources and data with the reach of the web. Download the Adobe AIR SDK and
Ajax docs to start building applications today-http://p.sf.net/sfu/adobe-com
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
