I came across this website that uses Oracle as its backend. I was bored and wanted to know if the site was vulnerable to SQL injection, so I played around with it. A number (ID) was being passed via the URL and no type check was being performed on it. If I enter a single inverted comma (') it will display an error: "You have an error in your SQL syntax".
Here is what the URL looks like:
http://its.sampleDomain.com/faq.php?cat_id=2&parent_id=9
I tried the following:
http://its.sampleDomain.com/faq.php?cat_id...#39;'x'
I played with the above, manipulating it time and again, but it didn't work out. I was wondering if anyone could help me pull a stunt here.
Any help is much appreciated.
P.S.: OK, it's my employer's website that I'm playing around with.
[EDIT] On second thoughts, if it were an Oracle server it would have given me an ORA-ODBC error, right? Maybe it's a SQL server.
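
The missing type check on cat_id described in the post, shown as an added example that is not part of the original post or the site's code: the concatenated "before" query, which returns the driver's syntax error to the client, beside a handler that validates both IDs and binds them as parameters. The faq table, its columns, the sample rows, the function names and the in-memory SQLite database are assumptions made so the example runs offline.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE faq (id INTEGER PRIMARY KEY, cat_id INTEGER, "
               "parent_id INTEGER, question TEXT)")
    db.executemany("INSERT INTO faq (cat_id, parent_id, question) VALUES (?, ?, ?)",
                   [(2, 9, "Reset password"), (2, 9, "VPN setup"), (3, 9, "Printing")])
    return db

def handle_vulnerable(db, cat_id, parent_id):
    # "Before": raw query-string text is concatenated into the statement,
    # and the driver's error text is returned to the client.
    sql = ("SELECT question FROM faq WHERE cat_id = " + cat_id +
           " AND parent_id = " + parent_id + " ORDER BY id")
    try:
        return 200, [row[0] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        return 500, str(exc)

def parse_id(raw, name):
    # Type check: ASCII digits only, bounded length, nothing else accepted.
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        raise ValueError(name + " must be a non-negative integer")
    return int(raw)

def handle_hardened(db, cat_id, parent_id):
    # "After": validate first, then bind values as parameters so input is
    # never parsed as SQL; reject bad input with a generic message.
    try:
        params = (parse_id(cat_id, "cat_id"), parse_id(parent_id, "parent_id"))
    except ValueError:
        return 400, "Bad request"
    rows = db.execute("SELECT question FROM faq WHERE cat_id = ? "
                      "AND parent_id = ? ORDER BY id", params)
    return 200, [row[0] for row in rows]

if __name__ == "__main__":
    db = make_db()
    for raw in ("2", "'"):
        print(repr(raw), handle_vulnerable(db, raw, "9"), handle_hardened(db, raw, "9"))
```
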




