|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 59
Members: 0
Total: 59
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
need help with magic quotes |
|
Posted: Thu Mar 26, 2009 1:12 pm |
|
|
handplant |
Beginner |
|
|
Joined: Feb 21, 2009 |
Posts: 4 |
|
|
|
|
|
|
|
hi, (i'm not shure if this is xss oder sql injection so i posted it here )
I can inject code in the search box, normal xss is not working, no alerts are poping up or something. but if i inject a shell with
'';!--"<123>SHELL
it looks like this:
looks like magic quotes is on.. but if I try to convert the shell with CHAR its not working at all and converting the parts with quotes with HEX it looks like the box to the right from the "Durchsuchen" -Button.. I have to say I'm not that familiar with breaking the magic quotes filter .. does anyone has a solution for this or is this impossible?
thx for help |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|