Posts
Saturday, October 2, 2010
Injecting Client-Side Script from an ASP.NET Server Control Scott MitchellAugust 2003Applies...
SQL Injection Cheat Sheet!---->Find and exploit SQL Injections with Free SQL Injection Scanner SQL...
This appeared to be an entirely custom application, and we had no prior knowledge of the application nor access to the source code: this was a "blind" attack. A bit of poking showed that this server ran Microsoft's IIS 6 along with ASP.NET, and this suggested that the database was Microsoft's SQL server: we believe that these techniques can apply to nearly any web application backed by any SQL server.The login page had a traditional...
Subscribe to:
Posts (Atom)