1) Create User WebUser
2) Make it db_Owner for the application database
3) Execute below SQL statements
use [master]
GO
DENY SELECT ON [INFORMATION_SCHEMA].[TABLES] TO [Public]
DENY SELECT ON [INFORMATION_SCHEMA].[COLUMNS] TO [Public]
DENY SELECT ON [INFORMATION_SCHEMA].[VIEW_COLUMN_USAGE] TO [Public]
DENY SELECT ON [INFORMATION_SCHEMA].[CONSTRAINT_COLUMN_USAGE] TO [Public]
DENY SELECT ON [INFORMATION_SCHEMA].[COLUMN_PRIVILEGES] TO [Public]
GO
Use [SQLInjection]
GO
DENY SELECT ON [sys].[columns] TO [test]
DENY SELECT ON [sys].[tables] TO [test]
DENY SELECT ON [sys].[syscolumns] TO [test]
DENY SELECT ON [sys].[sysobjects] TO [test]
DENY SELECT ON [sys].[objects] TO [test]
DENY SELECT ON [sys].[syscomments] TO [test]
GO
Friday 12 November 2010
Script to find out the SQL infection
DECLARE @T varchar(255),@C varchar(4000)
DECLARE Table_Cursor CURSOR FOR
select a.name,b.name from sysobjects a,syscolumns b
where a.id=b.id and a.xtype='u' and (b.xtype=99 or b.xtype=35 or b.xtype=231
or b.xtype=167)
OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T,@C
WHILE(@@FETCH_STATUS=0)
BEGIN
exec('Select * from ['+@T+'] where ['+@C+'] like ''%title%''')
FETCH NEXT FROM
Table_Cursor INTO @T,@C END CLOSE
Table_Cursor DEALLOCATE Table_Cursor
DECLARE Table_Cursor CURSOR FOR
select a.name,b.name from sysobjects a,syscolumns b
where a.id=b.id and a.xtype='u' and (b.xtype=99 or b.xtype=35 or b.xtype=231
or b.xtype=167)
OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T,@C
WHILE(@@FETCH_STATUS=0)
BEGIN
exec('Select * from ['+@T+'] where ['+@C+'] like ''%title%''')
FETCH NEXT FROM
Table_Cursor INTO @T,@C END CLOSE
Table_Cursor DEALLOCATE Table_Cursor
Subscribe to:
Posts (Atom)