[Owasp-testing] Database Fingerprinting

Akash akashmahajan at gmail.com
Tue Dec 15 22:32:03 EST 2009


You can use a tool like sqlmap[1] to fingerprint.

Or just try to add sql to any form field.

example ' OR 1=1

If the query is not formatted properly you might get some kind of
error message.

1. http://sqlmap.sourceforge.net/#features



2009/12/16 Zaki Akhmad <zakiakhmad at gmail.com>:
> Hello,
>
> I want to do a blackbox testing web application to test from Internet.
> I knew the program language use is PHP but I haven't figured out the
> database being used.
>
> How do I perform database fingerprinting blackbox testing from
> Internet? Any hint?
>
> --
> Zaki Akhmad
> _______________________________________________
> Owasp-testing mailing list
> Owasp-testing at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-testing
>



-- 
warm regards,
Akash Mahajan
----------------------------------------------------------
Security Consultant, (Web / Networks /
Servers / IT/ Virtualization)
Founder Headstart Network Foundation
----------------------------------------------------------
http://www.linkedin.com/in/akashm
http://network.headstart.in
----------------------------------------------------------


More information about the Owasp-testing mailing list