MS Access+pen-test

From: wymerzp@sbu.edu
Date: Wed Jun 13 2007 - 15:55:07 EDT

Next message: Tiago Batista: "Re: Pentesting Old unsupported Firewall Appliances"
Previous message: scott: "Tcpdfilter"
Next in thread: Jim Halfpenny: "Re: MS Access+pen-test"
Reply: Jim Halfpenny: "Re: MS Access+pen-test"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) I was looking over a client's website when I discovered a classic (almost cliche) sql injection vulnerability (i.e. Username ' OR ''=' | Password ' OR ''='). I did more poking and prodding and discovered that they are using MS Access for a backend. I know you can't string queries together (i.e. Select user from tbl where blah = var; Select...). My question is then, is there any 'good way' to use sql injection against this database to drive home the severity of the lack of input validation? Currently, the best I got was access to non-sensitive information that one simply needed to supply an email for.
Thanks a lot,
Zach

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Next message: Tiago Batista: "Re: Pentesting Old unsupported Firewall Appliances"
Previous message: scott: "Tcpdfilter"
Next in thread: Jim Halfpenny: "Re: MS Access+pen-test"
Reply: Jim Halfpenny: "Re: MS Access+pen-test"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:52 EDT