Hello Jonathan, thank u for ur help, i did what ios wrote in the
website but dont work, the nessus and sss say me about sql injection
vulnerabilities and i know is not false positive because i know the
server and is under windows with sql database, but i try exploit it
with sql injection (the same that nessus say me) but dont work...i
dont know what is my mistake...good luck,bye.
On 4/30/05, Jonathan Clark <jclark@networkalliance.net> wrote:
Here is some good stuff on SQL INJECTION
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rls=GGLD,GGLD:2
004-03,GGLD:en&q=SQL+INJECTION
-----Original Message-----
From: nessus-bounces@list.nessus.org
[mailto:nessus-bounces@list.nessus.org] On Behalf Of Pablo Escobar
Sent: Friday, April 29, 2005 5:15 PM
To: nessus@list.nessus.org
Subject: help with SQL INJECTION please.
Hello people, I need help, I found many bugs with Nessus but i dont
know exploit them, I try what I find in internet but dont work,I think
im dont know use it...
well, they are bugs of SQL INJECTION, for example:
template.asp?id=%38
template.asp?id='OR
template.asp?id='UNION'
template.asp?id='
template.asp?id='%22
template.asp?id='+OR+'
and there are more bugs...please, somebody can help me and say me how
can I exploit it?, i was all day earching and triying but i cant,thank
u very much,good luck.
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
