[Owasp-testing] Database Fingerprinting

Akash akashmahajan at gmail.com
Tue Dec 15 22:32:03 EST 2009

You can use a tool like sqlmap[1] to fingerprint.

Or just try to add sql to any form field.

example ' OR 1=1

If the query is not formatted properly you might get some kind of
error message.

1. http://sqlmap.sourceforge.net/#features

2009/12/16 Zaki Akhmad <zakiakhmad at gmail.com>:
> Hello,
> I want to do a blackbox testing web application to test from Internet.
> I knew the program language use is PHP but I haven't figured out the
> database being used.
> How do I perform database fingerprinting blackbox testing from
> Internet? Any hint?
> --
> Zaki Akhmad
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing

warm regards,
Akash Mahajan
Security Consultant, (Web / Networks /
Servers / IT/ Virtualization)
Founder Headstart Network Foundation

More information about the Owasp-testing mailing list