Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Simplifying enumeration by error messages

from [Patrik Karlsson] Network Security [Permanent Link]
Subject: Simplifying enumeration by error messages
Date: Thu, 29 Nov 2007 19:51:48 +0100 
Hi,

I have published a brief article on how enumeration of database
information through error messages could be simplified. 

Several of the scripts I have looked at use the returning data from the
previous error message to modify the SQL statement so that data from the
next row can be fetched. The approach I have decided to use is slightly
different and independent of the data returned by the error message. 

The article is available here:
http://www.cqure.net/wp/?p=61

Any comments or suggestions are very welcome and greatly appreciated.

Regards,
Patrik

---------------------------------------
Patrik Karlsson
Senior Partner
Inspect it AB
Box 852
SE-101 37 Stockholm
Sweden

Phone: +46 (0)8 613 7082
Mobile: +46 (0)76 831 7082
Fax: +46 (0)76 147 1826
www: http://www.inspectit.se
----------------------------------------


-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web 
application security assessments should be considered a crucial phase in the 
development of any web application. What methodology should be followed? What 
tools can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  ExploitMe Series, nish
Next by Date:  Re: Simplifying enumeration by error messages, Paul Johnston
Previous by Thread:  ExploitMe Series, nish
Next by Thread:  Re: Simplifying enumeration by error messages, Paul Johnston
Indexes:  [Date] [Thread] [Top] [All Lists]