| Subject: | Re: [WEB SECURITY] RE: Blind SQL Injection / Stored procedures |
|---|---|
| Date: | Thu, 17 Nov 2005 18:26:25 +0100 |
Hi Evans,

There's a list of stored procedures (not commented), like:
sp_sdidebug xp_availablemedia xp_cmdshell xp_deletemail xp_dirtree xp_dropwebtask xp_dsninfo xp_enumdsn xp_enumerrorlogs xp_enumgroups xp_enumqueuedtasks xp_eventlog xp_findnextmsg xp_fixeddrives xp_getfiledetails xp_getnetname xp_grantlogin xp_logevent xp_loginconfig xp_logininfo xp_makewebtask xp_msver xp_perfend xp_perfmonitor xp_perfsample xp_perfstart xp_readerrorlog xp_readmail xp_revokelogin xp_runwebtask xp_schedulersignal xp_sendmail xp_servicecontrol xp_snmp_getstate xp_snmp_raisetrap xp_sprintf xp_sqlinventory xp_sqlregister xp_sqltrace xp_sscanf xp_startmail xp_stopmail xp_subdirs xp_unc_to_drive Xp_regaddmultistring Xp_regdeletekey Xp_regdeletevalue Xp_regenumvalues Xp_regread Xp_regremovemultistring Xp_regwrite Sp_OACreate Sp_OADestroy Sp_OAGetErrorInfo Sp_OAGetProperty Sp_OAMethod Sp_OASetProperty Sp_OAStop
Francois, nice explanation,

-----Original Message-----[...]

From: LAROUCHE Francois [mailto:Francois.Larouche@accorservices.com]
Sent: Thursday, November 17, 2005 8:59 AM

d) If you still can't, well, sorry... I think there is no other way except those already mentioned by the others (by the way, to execute xp_makewebtask you need to have high user privileges, something you are obviously not)
Has anyone published a complete list/table of MSSQL (and other DB) stored procs/pls on the web, and what the default privs to them are?
I've made one but I'm not sure yet if I'm allowed to publish it.
This would be a nice handy sql-injection reference table for people who are new to SQLi with stored procs, or just have a bad memory/aren't very smart [me].
-ae
--------------------------------------------------------------------- The Web Security Mailing List http://www.webappsec.org/lists/websecurity/
The Web Security Mailing List Archives http://www.webappsec.org/lists/websecurity/archive/
-- Frederic Charpentier - Xmco Partners Security Consulting / Pentest web : http://www.xmcopartners.com/tests-intrusion.html
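
For administrators who want to answer the "what are the privileges on these?" question for their own server, the following is an added example (not part of the original message or thread). It lists who holds permissions on the procedures named above, and assumes SQL Server 2005 or later, where the `sys.*` catalog views exist, and a login allowed to read metadata in `master`.

```sql
-- Added example: audit permissions on the procedures named in this thread.
-- Assumption: SQL Server 2005+ (catalog views); run with rights to read master metadata.
USE master;

-- Names taken from the list in the message, lower-cased and space-delimited.
-- Each fragment starts and ends with a space so whole names are matched.
DECLARE @watch nvarchar(max);
SET @watch =
    N' sp_sdidebug xp_availablemedia xp_cmdshell xp_deletemail xp_dirtree '
  + N' xp_dropwebtask xp_dsninfo xp_enumdsn xp_enumerrorlogs xp_enumgroups '
  + N' xp_enumqueuedtasks xp_eventlog xp_findnextmsg xp_fixeddrives '
  + N' xp_getfiledetails xp_getnetname xp_grantlogin xp_logevent '
  + N' xp_loginconfig xp_logininfo xp_makewebtask xp_msver xp_perfend '
  + N' xp_perfmonitor xp_perfsample xp_perfstart xp_readerrorlog xp_readmail '
  + N' xp_revokelogin xp_runwebtask xp_schedulersignal xp_sendmail '
  + N' xp_servicecontrol xp_snmp_getstate xp_snmp_raisetrap xp_sprintf '
  + N' xp_sqlinventory xp_sqlregister xp_sqltrace xp_sscanf xp_startmail '
  + N' xp_stopmail xp_subdirs xp_unc_to_drive xp_regaddmultistring '
  + N' xp_regdeletekey xp_regdeletevalue xp_regenumvalues xp_regread '
  + N' xp_regremovemultistring xp_regwrite sp_oacreate sp_oadestroy '
  + N' sp_oageterrorinfo sp_oagetproperty sp_oamethod sp_oasetproperty sp_oastop ';

-- One row per (procedure, grantee). Procedures that no longer exist on this
-- version are simply absent; a NULL grantee means no explicit grant or deny.
SELECT o.name          AS procedure_name,
       o.type_desc     AS object_type,
       pr.name         AS grantee,
       pe.permission_name,
       pe.state_desc   AS grant_state
FROM sys.all_objects AS o
LEFT JOIN sys.database_permissions AS pe
       ON pe.class = 1                 -- object-level permission
      AND pe.major_id = o.object_id
      AND pe.minor_id = 0              -- whole object, not a column
LEFT JOIN sys.database_principals AS pr
       ON pr.principal_id = pe.grantee_principal_id
WHERE o.type IN ('P', 'PC', 'X')       -- T-SQL, CLR and extended procedures
  AND CHARINDEX(N' ' + LOWER(o.name) + N' ', @watch) > 0
ORDER BY CASE WHEN pe.grantee_principal_id = 0 THEN 0 ELSE 1 END,  -- public first
         o.name;

-- Server-wide switches that gate two of the families above.
SELECT name, value_in_use
FROM sys.configurations
WHERE name IN (N'xp_cmdshell', N'Ole Automation Procedures');
```

Rows whose grantee is `public` are the ones to review first, since every database user inherits them.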