Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "SQL injection/Target Environments/Mapping/Legacy"

From NetSec
Jump to: navigation, search
(Created page with "<noinclude>{{subpage|SQL injection}}</noinclude> The information_schema database entered the open source community in MySQL version 5 and at the end of PostgreSQL Version 7.3; ol...")
 
(No difference)

Latest revision as of 01:34, 19 July 2012

back to SQL injection


The information_schema database entered the open source community in MySQL version 5 and at the end of PostgreSQL Version 7.3; old and current versions of SQL engines contain their schema information in their administration databases. More information can be found on this by combining techniques listed here with the manuals and documentation.

Access/MSSQL

  • sysobjects table/database (Legacy Access/Jet Engine)
  • msysobjects table/database (Legacy SQL Server CE)
PROCEDURE ANALYSE might come in handy.

MySQL 4

  • MySQL.columns_priv
  • MySQL.tables_priv
  • MySQL.db
It is typical that legacy database versions require privileged access for flexible mapping.