From: Martin Eiszner (martin@websec.org)
Date: Thu Jan 09 2003 - 01:44:00 EST
On Tue, 7 Jan 2003 17:29:55 -0800
"Joe Luna" <joeluna@socal.rr.com> wrote:
> the username/password which I'm assuming is some sort of administrative
> account.
> What I'm not sure of is the type of database or even how to connect
> using the credentials gained from the conf file.
> Any pointers?
.. this tells you that they are using a postgreSql database.
if you dont have a local account, postgresql might help you to get one.
if you can find a single sql-injections flaw (http://www.owasp.org/asac/input_validation/sql.shtml)
postgresql will supply you with anything you need. it supports multiple statements (1st'; your query; aso.)
Mei
mei@websec.org
http://www.websec.org
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:26 EDT