[Owasp-testing] Database Fingerprinting

Aung Khant aungkhant at yehg.net
Sun Dec 20 11:39:31 EST 2009


Try sqlin into every legitimate Request(post, get, headers) and observe if
it's injectable.
If the application is not prone to show error messages, then blind sqlin is
the possible way to fingerprint and test sqlin.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-testing/attachments/20091220/0b032792/attachment.html 


More information about the Owasp-testing mailing list