Ready to Start Your Career?

Sql Injection

Author's profile image

January 1, 2016

if the website gives the following msg doesnt mean its not injectable? Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a tag within a "web.config" configuration file located in the root directory of the current web application. This tag should then have its "mode" attribute set to "Off". Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's configuration tag to point to a custom error page URL. So you are looking at a generic .NET error page On a machine thats web.config doesnt show detailed info when the application hits a run time error. I've got 2 question? Is this in your lab environment? What were the steps you took that lead to the error message? There's not enough info to answer your question. it is an exercise given by my teacher. any kind of sql injection testing will give this error. plus by using sqlmap its always giving me forced to disconnect.
Schedule Demo