This afretnoon, after the database has been changed once again due to the customers requirements (why oh why !?) and your servant had to update the webservice for supplying what the custommer wanted (remember the webcomic right?) ...
So here I sit and checking the the table that had to update .. it seems that it is [tblByyyyReeee] that has a new collumn but grrr : the CopyPaste does not work here . Romi offers clicking on the table's name in the Object Explorer , but hey , there is a nice way to that
Scratching my old security consulting days memories back there in Comsec here is
select *
from syscolumns
where id in(
select id
from sysobjects
where name = 'tblByyyyReeee'
)
P.S. this is how you steal the database using the simple SQL Injection Vulnerability
No comments:
Post a Comment