kuza55 (http://www.blogger.com/profile/03932544559060480887), 2008-03-22T09:30:00.000Z:

If we know enough about the application to try and conduct a CSRF-based SQL injection attack, I'm sure we know the table structure; but if we don't (or we're trying to exploit the application only to see data for a proprietary app or something, since a generic xp_cmdshell or similar approach won't work) we can always leverage the SQL injection to get us some XSS and then use xsstunnel to tunnel