[<prev] [next>] [day] [month] [year] [list]
Message-ID: <f5dc671003211310g1151b436m6dc31b3b1855e969@mail.gmail.com>
Date: Sun, 21 Mar 2010 20:10:25 +0000
From: Benji <me@...ji.com>
To: MustLive <mustlive@...security.com.ua>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: SQL DB Structure Extraction vulnerabilities
I would love to, can you do an article about it please? Ive just about
grasped email but I think I definitely have potential.
Much love,
Benji
On Sun, Mar 21, 2010 at 7:56 PM, MustLive <mustlive@...security.com.ua>wrote:
> *Hello Benji!*
>
> > oh dude, I've missed you.
>
> Really? :-)
>
> To not miss me, you can read my site with help of Google Translate (and
> there is a link to Google Translate at every page of my site).
>
> Best wishes & regards,
> MustLive
> Administrator of Websecurity web site
> http://websecurity.com.ua
>
> ----- Original Message -----
> *From:* Benji <me@...ji.com>
> *To:* MustLive <mustlive@...security.com.ua>
> *Sent:* Saturday, March 20, 2010 9:30 PM
> *Subject:* Re: [Full-disclosure] SQL DB Structure Extraction
> vulnerabilities
>
> oh dude, I've missed you.
>
> On Wed, Mar 17, 2010 at 9:36 PM, MustLive <mustlive@...security.com.ua>wrote:
>
>> Hello Full-Disclosure!
>>
>> Yesterday I wrote English version of my article SQL DB Structure
>> Extraction
>> vulnerabilities (http://websecurity.com.ua/4038/).
>>
>> There is such variety of Information Leakage vulnerabilities as SQL DB
>> Structure Extraction. This vulnerability lie in that there is information
>> leakage in web application about structure of the database. This
>> information
>> leakage can be of use at SQL Injection attack.
>>
>> Such vulnerability I found first time already in 2006 (at one site) and
>> gave
>> it this name. Such vulnerabilities I found at many web sites and also in
>> many web applications.
>>
>> In the article I talked about SQL DB Structure Extraction, different
>> variants of SQL Errors (three variants) and about difference between SQL
>> DB
>> Structure Extraction and SQL Error.
>>
>> You can read the article SQL DB Structure Extraction vulnerabilities at my
>> site: http://websecurity.com.ua/4038/
>>
>> Best wishes & regards,
>> MustLive
>> Administrator of Websecurity web site
>> http://websecurity.com.ua
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists