Re: Permission to Select
From | PFC |
---|---|
Subject | Re: Permission to Select |
Date | |
Msg-id | op.s6ddkgyncigqcu@apollo13 |
In response to | Re: Permission to Select (Rod Taylor <pg@rbt.ca>) |
Responses | Re: Permission to Select |
List | pgsql-sql |
> What information can be retrieved from a structure by being able to
> update all rows?

Write a plpgsql function snoop(x) which inserts x into a table 'log' created by you, and also returns x.
UPDATE users SET password=snoop(password).
Read log table.
Done.

If you have WHERE rights on a table, you can guess any column content pretty quick. Just do a binary search.

Some time ago I had a friend whose website had some SQL injection holes, and he said "so what? who cares? I have magicquotes" (lol), so I coded a Python script which injected a "password BETWEEN x AND y" (using CHR() to avoid quotes) and narrowed the search. It took about 1 minute to get the password (which turned out to be md5 that resisted a few seconds to dictionary attack using whatever evil hax0rz tool).
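An added example, not part of the original message: why quote escaping does not close the hole described above, next to a bound-parameter version that does. It uses Python's sqlite3 so it runs offline, with SQLite's char() standing in for CHR(); the table, the function names and the probe strings are constructed for illustration.

```python
import sqlite3

# Constructed probes in the style the message describes: they contain no quote
# characters, so quote escaping leaves them untouched.
PROBE_TRUE = "1 AND password BETWEEN char(97) AND char(122)"
PROBE_FALSE = "1 AND password BETWEEN char(100) AND char(122)"

def make_db():
    """In-memory table with one constructed row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES (1, 'alice', 'constructed-hash-value')")
    return db

def addslashes(value):
    """Hypothetical stand-in for magic-quotes style escaping."""
    for ch in ("\\", "'", '"'):
        value = value.replace(ch, "\\" + ch)
    return value

def lookup_escaped(db, user_id):
    """Vulnerable: escaped input is still concatenated into a numeric context."""
    sql = "SELECT name FROM users WHERE id = " + addslashes(user_id)
    return db.execute(sql).fetchall()

def lookup_bound(db, user_id):
    """Hardened: validate the type, then pass the value as a bound parameter."""
    try:
        uid = int(user_id)
    except ValueError:
        return []
    return db.execute("SELECT name FROM users WHERE id = ?", (uid,)).fetchall()

if __name__ == "__main__":
    db = make_db()
    for probe in ("1", PROBE_TRUE, PROBE_FALSE):
        print(repr(probe), lookup_escaped(db, probe), lookup_bound(db, probe))
```

The escaped lookup returns a row for one probe and nothing for the other, which is the yes/no signal a binary search needs; the bound lookup returns nothing for either probe.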