SQL injections and connections to a DB

From: Mike Tupker (mtupker@gmail.com)
Date: Tue Jul 12 2005 - 17:40:42 EDT

• Next message: Bones: "Windows privelege escalation?"
• Previous message: blowfish 448: "Pentest Letter of Achievement/Certificate"
• Next in thread: Tibor Csonka: "Re: SQL injections and connections to a DB"
• Reply: Tibor Csonka: "Re: SQL injections and connections to a DB"
• Reply: Felipe Balbi: "Re: SQL injections and connections to a DB"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

We have a IIS web server setup on our DMZ with a connection to our DB
server which is running MS SQL server 7. Does anyone know of a program
that will check the code in a web page for vulnerabilities such as SQL
injections, overflows, or anything else that I might not be aware of?
Basically, I would like to know if there is any way for someone to use
the server on the DMZ to get to the DB server and cause damage.

Thanks in advance,

Mike Tupker

• Next message: Bones: "Windows privelege escalation?"
• Previous message: blowfish 448: "Pentest Letter of Achievement/Certificate"
• Next in thread: Tibor Csonka: "Re: SQL injections and connections to a DB"
• Reply: Tibor Csonka: "Re: SQL injections and connections to a DB"
• Reply: Felipe Balbi: "Re: SQL injections and connections to a DB"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:32 EDT