Re: how to exploit SQL INJECTION?

From: David Eduardo Acosta Rodríguez (david.acosta@internet-solutions.com.co)
Date: Tue Jun 21 2005 - 18:37:14 EDT


Hi:

Please read:

http://www.ngssoftware.com/papers.htm <- very interesting papers about SQL Injection
http://security-papers.globint.com.ar/oracle_security/sql_injection_in_oracle.php <- from Esteban Martínez Fayó
http://www.imperva.com/application_defense_center/papers/ <- Good papers

Kind regards,

         Ing. David E. Acosta R.
      Security Consultant - CISSP
       Internet Solutions Colombia
  "The Information Security Experts"
http://www.internet-solutions.com.co
 david.acosta@internet-solutions.com.co
       Phone (mobile):(300)2089961
 Phone (office):(091)3120910 ext 17

----- Original Message -----
From: "Pablo Escobar" <slackware77@gmail.com>
To: <pen-test@securityfocus.com>; <nessus@list.nessus.org>;
<bugtraq@securityfocus.com>
Sent: Tuesday, June 21, 2005 4:06 PM
Subject: how to exploit SQL INJECTION?

Hello people, I made a website server with SQL vulnerabilities in my
network to learn how to exploit it. I searched on Google and I tried,
but it doesn't work. The Nessus report is:

The following URLs seem to be vulnerable to various SQL injection
techniques :

/resources/expand_subject.asp?id='UNION'
/resources/expand_subject.asp?id='UNION'
/resources/expand_subject.asp?id='UNION'
/resources/expand_subject.asp?id='
/resources/expand_subject.asp?id='
/resources/expand_subject.asp?id='
/resources/expand_subject.asp?id='%22
/resources/expand_subject.asp?id='%22
/resources/expand_subject.asp?id='%22
/resources/expand_subject.asp?id=9%2c+9%2c+9
/resources/expand_subject.asp?id=9%2c+9%2c+9
/resources/expand_subject.asp?id=9%2c+9%2c+9
/resources/expand_subject.asp?id='bad_bad_value
/resources/expand_subject.asp?id='bad_bad_value
/resources/expand_subject.asp?id='bad_bad_value
/resources/expand_subject.asp?id=bad_bad_value'
/resources/expand_subject.asp?id=bad_bad_value'
/resources/expand_subject.asp?id=bad_bad_value'
/resources/expand_subject.asp?id='+OR+'
/resources/expand_subject.asp?id='+OR+'
/resources/expand_subject.asp?id='+OR+'
/resources/expand_subject.asp?id='WHERE
/resources/expand_subject.asp?id='WHERE
/resources/expand_subject.asp?id='WHERE
/resources/expand_subject.asp?id=%3B
/resources/expand_subject.asp?id=%3B
/resources/expand_subject.asp?id=%3B
/resources/expand_subject.asp?id='OR
/resources/expand_subject.asp?id='OR
/resources/expand_subject.asp?id='OR
/resources/expand_subject.asp?id=' or 1=1--
/resources/expand_subject.asp?id=' or 1=1--
/resources/expand_subject.asp?id=' or 1=1--
/resources/expand_subject.asp?id= or 1=1--
/resources/expand_subject.asp?id= or 1=1--
/resources/expand_subject.asp?id= or 1=1--
/resources/expand_subject.asp?id=' or 'a'='a
/resources/expand_subject.asp?id=' or 'a'='a
/resources/expand_subject.asp?id=' or 'a'='a
/resources/expand_subject.asp?id=') or ('a'='a
/resources/expand_subject.asp?id=') or ('a'='a
/resources/expand_subject.asp?id=') or ('a'='a

Now, how can I exploit it? Can somebody guide me, please? Thank you very
much, good luck.


