I came across Bugtraq with an interesting whitepaper about SQL Injections. And i figured that there might be ppl who wanna know more about this vuln were interested in reading this.

It can be found HERE (Normal url: http://www.webcohort.com/Blindfolded_SQL_Injection.pdf ) it's pdf as you can see....

Have a good time.
woutiir

P.S. i hope i posted in the right forum?
/woutiir

Very interesting read...thanks!

good article woutiir....this is right up my street , i been working on ways to gain access via return errors and exploiting the UNION tables to reveal info.. alot by gaining direct access bypassing any form of login...

thing that caught my eye in the paper was close to the bottom (null)...its exact what i have been doing , and the amount of info ..well say no more ..i slammed right into the db with alarming ease.

nice post and a good read

cheers

NE time mate

As long some ppl adore it, i'm sattisfied

woutiir