Sqlbftools - Blind MySQL injection and database stressing

http://www.reversing.org/node/view/11

1041 views User:

Param

0 Comments Tag:

Currently tools are being used to get SQL data from a blind (Microsoft) sql injection, like datathief of absinthe. The problem in Mysql is the dificulty to get the database structure. In Mysql there are no Objects database or alike, so it's not possible to create an stored procedure to walktrough a database catalog as these programs do with other database managers.

The approach explained here is from a web service viewpoint. It's, from a web service vulnerable to sql injection.

Email this Story to a Friend

Post new comment

Mostly, when you see programmers, they aren't doing anything. One of the attractive things about programmers is that you cannot tell whether or not they are working simply by looking at them. Very often they're sitting there seemingly drinking coffee and gossiping, or just staring into space. What the programmer is trying to do is get a handle on all the individual and unrelated ideas that are scampering around in his head.

— Charles M. Strauss

Sqlbftools - Blind MySQL injection and database stressing

Post new comment

Similar Stories

Get Latest News in your Email

Tags

Who's online