Remote Web Application Disassembly with ODBC Error Messages presented at BlackHatWindows 2001

by David Litchfield,

Summary : The talk will discuss how to use ODBC error messages caused by specially crafted queries to remotely disassemble a web application running on IIS feeding into an SQL database server, without ever having had access to the ASP source code or without any knowledge of the SQL server's structure, returning such information as table names, the name of every column in that table and the data type expected by that column. Once the application (in this talk a login page) has been disassembled the talk will then go on to demonstrate how to use this information to create an account and gain access to the restricted areas of the site.
Known as the UK's NT Guru by ZDNet, David is a world-renowned security expert specializing in Windows NT and Internet security. His discovery and remediation of over 100 major vulnerabilities in products such as Microsoft's Internet Information Server and Oracle's Application Server have lead to the tightening of sites around the world. David Litchfield is also the author of Cerberus' Internet Scanner (previously NTInfoscan), one of the world's most popular free vulnerability scanners. In addition to CIS, David has written many other utilities to help identify and fix security holes. David is the author of many technical documents on security issues including his tutorial on Exploiting Windows NT Buffer Overruns referenced in the book "Hacking Exposed".
Their Presentation! (PowerPoint 37k)