[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] Insomnia: Whitepaper - Access Through Access

From: "Brett Moore" <brett.moore@xxxxxxxxxxxxxxx>
Subject: [WEB SECURITY] Insomnia: Whitepaper - Access Through Access
Date: Thu, 1 May 2008 12:18:24 +1200

___________________________________________________________________ 


 Insomnia Security :: Access Through Access 
___________________________________________________________________ 


 Name: Access Through Access 
 Released: 01 May 2008 
 Author: Brett Moore, Insomnia Security 
 Original Link: 
 http://www.insomniasec.com/releases/whitepapers-presentations 
___________________________________________________________________ 

MS Access is commonly thought of as the little brother of Database
engines, and not a lot of material has been published about methods
used for exploiting it during a penetration test. 

The aim of this paper is to bring a lot of disparate information
together into one guide. This paper will outline methods to 
identify different versions of MS Jet, some SQL Injection methods
to use during tests, and some other techniques to access files,
servers, and potentially gain command access. 
___________________________________________________________________ 




----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Prev by Date: Re: [WEB SECURITY] Fake Captcha Protection
Previous by thread: [WEB SECURITY] Fake Captcha Protection
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site