MS Access SQL Injection
Results 1 to 4 of 4

Thread: MS Access SQL Injection

  1. #1
    Junior Member
    Join Date
    Sep 2002
    Posts
    2

    Question MS Access SQL Injection

    There are some excellent papers on SQL injection for MS SQL Server, but I can't seem to find much information on exploiting MS Access as a web site backend database.

    I suppose Access is also inherently less exploitable as it is less powerful. Not being able to add comments to SQL or have multiple SQL statements in Access restricts injection capabilities.

    Having said that, does anyone know of any resources for this?

    1nf1d3l

  2. #2
    Banned
    Join Date
    Sep 2001
    Posts
    853
    http://www.owasp.org/asac/input_validation/sql.shtml
    dont know if that helps but... worth a shot
    rioter

  3. #3
    Member
    Join Date
    Dec 2001
    Posts
    50
    I think hacking exposed win2k has alot of information about that kind of stuff.If you check out the site or go to amazon.com and you could get it hella cheap.
    [glowpurple]A_420_hacker_24::.\"A man without a computer is just a man, a man with a computer is a Admin\" ... \"If its not 4:20 on your clock, it\'s time to change the time\"..:Quotations from Larry Wall:.
    \"I think you didn\'t get a reply because you used the terms \"correct\" and \"proper\", neither of which has much meaning in Perl culture. :-) \"
    [/glowpurple]

  4. #4
    Member
    Join Date
    May 2002
    Posts
    40
    Hey 1nf1d3l
    I was checking this issue lately. All the things you said are (as far as i know) true. Contact me on the ICQ. My number is the sum of the numbers 15003113 + 36654
    Cya

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •