|
GuyThiebaut wrote: this 'feature'...
Oh, you mean xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ?
Cheers,
Peter
Software rusts. Simon Stephenson, ca 1994.
|
|
|
|
|
I think you do not believe in
Continuous effort - not strength or intelligence - is the key to unlocking our potential.(Winston Churchill)
|
|
|
|
|
I do!
You just need to ask your question another 1,000,000,000,000,000,000 times and people will give you the answer - that's what I do and it always works
[edit] I think the reason why you have not had an answer so far is that the information you seek can be used to both protect and attack a system(that's why I won't give you the information)...
Continuous effort - not strength or intelligence - is the key to unlocking our potential.(Winston Churchill)
|
|
|
|
|
Before asking u i had already asked 2*999,999,999,999,999,999 times
Thanks for your support mate.
Some hints would certainly help.
|
|
|
|
|
HARISHCHOWDHARY wrote: Now please suggest me the ways to get into the database and to bypass the
authentication mechanisms so that i can suggest the improvements of the security
features of the application under test.
1. You can research that and buy books on the subject.
2. I would suggest that you tell your employer (presumably there is one) that you are not the best person to do this because real testing requires real and substantial knowledge. Without that such testing is unlikely to be close to sufficient.
|
|
|
|
|
Can you suggest me the name of the books as i have lot of them but in case if i missed an important one,, it will be a great help.
Thanks
|
|
|
|
|
As others have pointed out, you aren't likely to get an answer here. There are two reasons:
1. Even if we believe that your intentions are good, this is a public forum which means that the answer is available for anybody to see; and we don't know their intentions.
2. Pen testing is a huge topic, best left to professionals. You can train in this side, and this might be your best option.
|
|
|
|
|
Hi,
I don't mean any disrespect... but if you have to ask these types of questions... maybe you should defer the security audit to a seasoned security professional. With that being said... some basics:
1.) Check for the Oracle default passwords.
2.) Implement an ascii permutative brute force password scanner. You could probably scan for weak passwords <= 5 characters in a single day.
3.) Use the Metasploit framework[^] to check for public vunerabilities[^].
4.) Purchase a Zero-Day licence at one of the security research groups. I would recommend Vupen[^].
Best Wishes,
-David Delaune
|
|
|
|
|
Hi,
Thanks for the help.Sometimes we have to ask this type of questions to find a new approach.But i am grateful for your answer.
With Warm Regards,
Harish Chaudhary
|
|
|
|
|
How to fetch records as
OTH
IA
LE
from table using Like query without using OR.as
select *from Issue where ReqControlNo like '%i%' or ReqControlNo like '%h%' or ReqControlNo like '%l%'
query should be as
select *from Issue where ReqControlNo like 'condition'
the condition should be in one string.
is there any solution please?
|
|
|
|
|
That's a task for the Union.
|
|
|
|
|
Is this SQL server? Recently I wrote a CLR Scalar Function that uses RegEx to do that, that might be the sort of thing you need. I doubt it's easily doable with straight SQL.
|
|
|
|
|
yes.
it is Sql Server.
Actually ,I want to search those records that have i ,l or h.
I want put the string in database.as %comm% for Records that have comm.
%crd% for records that have crd.
same way i want to store the string for i,l and h.in one string.
|
|
|
|
|
Uma Shankar Patel wrote: the condition should be in one string.
Could you explain that? To me, the conditional filter is the entire WHERE clause.
Are you by any chance looking for the full-text search[^]?
Bastard Programmer from Hell
|
|
|
|
|
Try this
Declare @t table (Record Varchar(20))
Insert Into @t Select 'OTH' Union All Select 'IA' Union All Select 'LE' Union All Select 'xxx'
Select *
From @t
Where Record like '%[H,A,E]%'
/* Result */
Record
OTH
IA
LE
Hope this helps
Thanks in advance
Niladri Biswas
|
|
|
|
|
You already have best solution.
|
|
|
|
|
Finally I have achieve this by
select *from Issue where ReqControlNo like '[ilh]%'
|
|
|
|
|
i have to create a table item which has an attribute item category....category is a multivalued attribute...can anyone tell how to implement this?
create table item_info(itemno varchar(5),item_sno varchar(30),condition varchar(20),
color varchar(15),
corigin varchar(20),
Year_prod integer, PRIMARY KEY(itemno,item_sno))
|
|
|
|
|
you need to create a lookup table to store the category values and then a bridge table to store the categories for items.
CREATE TABLE Categories (
CategoryID int,
CategoryName varchar(100)
)
CREATE TABLE ItemCategories (
Itemno varchar(5),
CategoryID int
)
You can store multiple rows in the ItemCategories table for each item.
|
|
|
|
|
Create two tables as:
Item_Category
{ItemID int identity(1,1) primary key, Item_CategoryName NVARCHAR(100))
AND
another one is
Item
{
ItemSrNo int identity(1,1) primary key,
ItemID int, --foreign key references values from Item_Catory Table
Column3, ,,,n
}
|
|
|
|
|
Hi, in my project I tried to backup my database and then restore using SMO. While backing up and restoring it gives no errors and catches no exception. All of them seem to work great. However, after I perform backup to a file, I deleted the data and/or a table from my database to see whether restoring operation will perform correctly or not. However, when I deleted a table or just data in the table, if I perform restore operation, neither the table nor the data in the table comes back. As a result either backup or restore operation does not work correctly. My backup and restore methods are as in the following :
public bool BackUpDB(string DBpath)
{
try
{
ServerConnection srvConn = new ServerConnection(Program.serverName);
srvConn.LoginSecure = true;
srvr = new Server(srvConn);
Backup bkpDatabase = new Backup();
bkpDatabase.Action = BackupActionType.Database;
bkpDatabase.Database = Program.databaseName;
bkpDatabase.Incremental = false;
bkpDatabase.Initialize = true;
bkpDatabase.LogTruncation = BackupTruncateLogType.Truncate;
BackupDeviceItem bkpDevice = new BackupDeviceItem(DBpath , DeviceType.File);
bkpDatabase.Devices.Add(bkpDevice);
bkpDatabase.SqlBackupAsync(srvr);
return true;
}
catch (Exception)
{
return false;
}
}
The following is my restore method :
public bool RestoreDB(string DBpath)
{
try
{
ServerConnection srvConn = new ServerConnection(Program.serverName);
srvConn.LoginSecure = true;
srvr = new Server(srvConn);
Restore rstDatabase = new Restore();
rstDatabase.Action = RestoreActionType.Database;
if (!srvr.Databases.Contains(Program.databaseName))
{
try
{
DbConnection dbcon = new DbConnection("Data Source=" + Program.serverName + ";Initial Catalog=master;Integrated Security=True");
dbcon.ExecuteCommand("CREATE DATABASE "+Program.databaseName, null);
}
catch (Exception)
{
MessageBox.Show("Veritabanı yaratılırken hata oluştu. Program yine de yedeğinizi geri yüklemeye çalışacak. Ancak bu değişiklik programınıza yansımayabilir. Bu durumda bizimle iletişime geçiniz.","Uyarı",MessageBoxButtons.OK,MessageBoxIcon.Warning);
}
}
rstDatabase.Database = Program.databaseName;
rstDatabase.Devices.AddDevice(@DBpath, DeviceType.File);
rstDatabase.ReplaceDatabase = true;
rstDatabase.SqlRestoreAsync(srvr);
return true;
}
catch (Exception)
{
return false;
}
}
I searched on this issue a lot and all of the codes seems correct however I could not understand why it does not perform correctly. Anyone can help me on this issue ? Please it is a bit urgent, Thanks...
|
|
|
|
|
Just a thought - I have not used SMO in many years but does the restore process drop all other connections to the database, I know if you try and restore via SSMS and there is an existing connection it fails, generates a warning but it does fail. Also the connection YOU are using may need to be to the master database not the one you are trying to restore!
I love you exception, I wonder what it says
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
Hi All,
Any idea to select this data ?
NGB CCU 0 0 0 0 6
NGB CCU 0 0 4 0 0
SHA SIN 0 0 0 0 4
SHA SIN 0 0 0 1 0
SHA SIN 0 0 25 0 0
To be result as below
NGB CCU 0 0 4 0 6
SHA SIN 0 0 25 1 4
Thanks and best Regards.
|
|
|
|
|
Its a simple sum() and Group By query
Select col1, col2, sum(col3), sum(col4) etc
Group By col1,col2
Never underestimate the power of human stupidity
RAH
|
|
|
|
|
Oh! yes such a simple case I didn't get that idea. Thank you.
But, Any Idea again?
To get this data I had to use the following query, the query is already complicated.
Is there any way to Sum up the data as you suggested without dumping this data into temp Table?
NGB CCU 0 0 0 0 0 0 0 0 6
NGB CCU 0 0 0 0 0 0 4 0 0
SHA SIN 0 0 0 0 0 0 0 0 4
SHA SIN 0 0 0 0 0 0 0 1 0
SHA SIN 0 0 0 0 0 0 25 0 0
with myTable(POL,POD,Container_Code,qty) as
(Select Distinct POL,POD,Container_Code,SUM(qty) as 'Qty'
from TableF
Where account_name like '%Freight%' and account_name not like '%FREIGHT REBATE'
Group by POL,POD,Container_Code
)
select Distinct POL,POD,
(case when container_code like '%R%20' Then qty else '' end ) as 'R_D20',
0 as 'R_D40',
(case when container_code like '%HR%40' Then qty else '' end ) as 'R_H40',
(case when container_code ='FL20' OR container_code ='OT20' Then qty else '' end ) as 'OT_D20',
(case when container_code ='FL40' OR container_code ='OT40' Then qty else '' end ) as 'OT_D40',
0 as 'OT_H40',
(case when container_code='D20' Then qty else '' end ) as 'N_D20',
(case when container_code='D40' Then qty else '' end ) as 'N_D40',
(case when container_code='HC40' Then qty else '' end ) as 'N_H40'
From myTable
order by POL,POD
modified 27-Sep-11 3:55am.
|
|
|
|