 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 34
 Members: 0
 Total: 34
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
| Pi3cH |
|
| Replies: 0 |
| Views: 7241 |
|
|
 |
|
 |
|
hi there
i have some question about below queries, could some one explain(analyze) them for me?
these queries use for blind sql injection.
1. AND (SELECT COUNT(name) FROM sysobjects ... |
|
|
|
| Pi3cH |
|
| Replies: 3 |
| Views: 9813 |
|
|
|
|
|
|
oh! i dont see the left part of =,
could you give live example? |
|
|
|
| Pi3cH |
|
| Replies: 3 |
| Views: 9813 |
|
|
|
|
|
|
could give me live example?
the $curpage limited at this line of code:
$curpage = ceil(($current) / 50); |
|
|
|
| Pi3cH |
|
| Replies: 3 |
| Views: 13600 |
|
|
|
|
|
|
oh! advisory reportet by you  !
yes htmlspecialchars good solution.
is there any bug for this function of php? (nowdays many webapplications use it) |
|
|
 Forum:PhpNuke Posted: Tue Dec 27, 2005 9:15 am Subject: cool! |
|
|
| Pi3cH |
|
| Replies: 3 |
| Views: 13600 |
|
|
|
|
|
|
use:
<IMG SRC="jav	ascript:alert('XSS');"
i think the preg_match only search for < ends with > if we use tags with out > all of them works properly:
& ... |
|
|
|
| Pi3cH |
|
| Replies: 2 |
| Views: 10058 |
|
|
|
|
|
|
xss virus! cool
it's act like others viruses with many limitation and also many future (platform independent, depend on 2 side)
thanks LINUX |
|
|
|
| Pi3cH |
|
| Replies: 0 |
| Views: 8466 |
|
|
|
|
|
|
hi there
i think u hear about HTML Injection or Script inection attacks, but they are type of XSS attack. you think so?
for example if something injected into HTML source code they (securityfocu ... |
|
|
| Page 1 of 1 |
All times are GMT |
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
