Your input isn't going to a database server; it's being used in a
VBScript statement in the .asp script. The VBScript code is probably doing
some sort of calculation and freaked out when it tried to do it with
non-numeric data. So SQL injection probably won't be possible with that
parameter. If they're not sanitizing input on that script though, they're
probably not doing a great job in other places either. Keep on trying other
parts of the web application.
Kevin.
[EMAIL PROTECTED]
----- Original Message -----
From: "Alex Harasic" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, February 20, 2002 7:54 AM
Subject: SQL Injection
>
> Hi, I was trying SQL Injection things and I ran into the
> following problem:
>
> http://www.targethost.com/test.asp?pm=')
>
> And I get the following results:
>
> Microsoft VBScript runtime error '800a000d'
>
> Type mismatch: '[string: "'"]'
>
> D:\WEBROOT\..\..\include\ConstantesDNAfs.inc, line 53
>
> Ok. Besides the Path Disclosure problem, I'm trying
> to build a SQL Query but it seems the server won't
> let me pass quotes ( ' ) to it.
>
> If instead of sending ') as a parameter I just put a ', it
> brings me back to the start page.
>
> Is there any way to bypass this type mismatch
> thing? I could make SQL queries work with other .asp
> but not this one.
>
> Alex S. Harasic
> [EMAIL PROTECTED]
>
> ----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security vulnerabilities please see:
> https://alerts.securityfocus.com/
>
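The error in the thread is what classic ASP produces when a query-string value is converted to a number without being checked first. The following is an added example, not code from either poster or from the site in question: it shows the unvalidated pattern that raises runtime error 800a000d on input such as `pm=')`, and beside it a version that validates the parameter before conversion and passes it to the database through an ADODB parameter rather than string concatenation. The table and column names, the `ConnString` application variable and the `TryGetLongParam` helper are hypothetical.

```vbscript
<%
' Added example (not code from either poster). Shows why a non-numeric
' value in a query-string parameter produces VBScript runtime error
' 800a000d ("Type mismatch"), and how to validate the parameter instead.
' Table/column names (Products, ProductID) and Application("ConnString")
' are hypothetical.
Option Explicit

' --- Pattern that produces the error seen in the thread ---
' CLng() raises "Type mismatch" when the string is not numeric, e.g. pm=')
' With detailed ASP errors sent to the client, IIS also returns the physical
' path of the failing include file (the path disclosure noted above).
Sub UnvalidatedLookup()
    Dim pm
    pm = CLng(Request.QueryString("pm"))   ' fails on any non-numeric input
    ' ... pm is then used in a calculation or concatenated into SQL text
End Sub

' --- Validated version ---
' Returns True and sets value when the parameter is a plain decimal integer
' that fits in a Long; otherwise returns False without raising an error.
Function TryGetLongParam(name, ByRef value)
    Dim raw, i
    raw = Trim(Request.QueryString(name))
    TryGetLongParam = False
    If Len(raw) = 0 Or Len(raw) > 9 Then Exit Function   ' stay within Long range
    If Not IsNumeric(raw) Then Exit Function
    ' IsNumeric also accepts forms like "1e3" or "&HFF"; allow digits only.
    For i = 1 To Len(raw)
        If Mid(raw, i, 1) < "0" Or Mid(raw, i, 1) > "9" Then Exit Function
    Next
    value = CLng(raw)
    TryGetLongParam = True
End Function

Sub ValidatedLookup()
    Dim pm
    If Not TryGetLongParam("pm", pm) Then
        Response.Status = "400 Bad Request"
        Response.Write "Invalid parameter."
        Response.End
    End If

    ' Parameterised query: the value never becomes part of the SQL text,
    ' so a quote character in the input cannot alter the statement.
    Dim conn, cmd, rs
    Set conn = Server.CreateObject("ADODB.Connection")
    conn.Open Application("ConnString")    ' assumed to hold a connection string
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandText = "SELECT Name FROM Products WHERE ProductID = ?"
    cmd.CommandType = 1                     ' adCmdText
    ' adInteger = 3, adParamInput = 1; size is not needed for fixed-width types
    cmd.Parameters.Append cmd.CreateParameter("pid", 3, 1, , pm)
    Set rs = cmd.Execute
    If Not rs.EOF Then Response.Write Server.HTMLEncode(rs("Name"))
    rs.Close : conn.Close
End Sub

ValidatedLookup
%>
```

Two points follow from the thread. First, a type-mismatch error is not evidence that the parameter is safe; it only means this particular code path converts the value before it reaches any query, which is why the reply suggests the rest of the application deserves the same scrutiny. Second, the verbose error page is a finding in its own right: IIS has a per-site setting to stop sending detailed ASP error messages to the client, and a generic error page should be returned instead.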