[OWASP-WEBGOAT]Problem with "Perform a blind SQL Injection"
bruce.mayhew at aspectsecurity.com
Fri Dec 9 15:09:37 EST 2005
This is most likely a problem with the enhydra DB we use for Linux. I'll
try to get the fix for this in the patch release which should be released
soon. Unfortunately, this one is a bug.
----- Original Message -----
From: "David Echarri" <davidecharri at yahoo.es>
To: <owasp-webgoat at lists.sourceforge.net>
Sent: Friday, December 09, 2005 11:50 AM
Subject: [OWASP-WEBGOAT]Problem with "Perform a blind SQL Injection"
> Hi everyone!
> I've installed WebGoat 3.7 under Linux, and found a
> problem when doing the test "How to perform Blind SQL
> The screen WebGoat presents to me always says "An
> error ocurred, please try again", which is given when
> an SQL Exception has been thrown.
> The log file has several entry like the following one:
> http-80-Processor25 SELECT TOP 1 first_name FROM
> user_data WHERE userid = 15613
> Don't understand SQL after: "SELECT"
> Expected: "INTO" found: "first_name"
> If anyone could give me a hint on how to solve the
> I would greatly appreciate it!
> David Echarri
> Renovamos el Correo Yahoo!
> Nuevos servicios, más seguridad
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> for problems? Stop! Download the new AJAX search engine that makes
> searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
> OWASP-WEBGOAT mailing list
> OWASP-WEBGOAT at lists.sourceforge.net
More information about the Owasp-webgoat