| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <E85F04E8B6B65311347CFA7E@Macintosh-2.local>
Date: Sat, 07 Feb 2009 22:10:59 -0600
From: Paul Schmehl <pschmehl_lists@...rr.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: SFX-SQLi: A new SQL injection technique for
SQL Server (dumps a table in one request!)
--On February 7, 2009 10:02:21 AM -0600 Daniel Kachakil
<dani@...hakil.com> wrote:
>
> I have written a paper describing how the technique works and in which
> fundamentals it is based, and I have also developed a tool which
> implements
> this technique as a proof of concept (with the source code included).
>
> You can get them through this URL:
>
> http://www.kachakil.com/papers/SFX-SQLi-en.htm
Having read your paper, I'm a bit confused about what you think the "new
SQL injection technique" is that you've discovered. I understand you have
determined a way to *extract* data in a more compact and efficient format,
but I didn't see any new *injection* technique. IOW, the FOR XML
construct isn't going to assist you in obtaining the data - only in
obtaining it more efficiently.
Did I miss something?
Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
******************************************
WARNING: Check the headers before replying
Content of type "application/pkcs7-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists