|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 63
Members: 0
Total: 63
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Evading sql-injection filters |
|
Posted: Mon Mar 06, 2006 10:03 pm |
|
|
Someone |
Beginner |
|
|
Joined: Mar 06, 2006 |
Posts: 1 |
|
|
|
|
|
|
|
|
|
|
|
|
Re: Evading sql-injection filters |
|
Posted: Wed Mar 08, 2006 2:36 am |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Nop, this is not an actual exploit. This advisory is meant to be as helping source for other exploits creation. I mean, if someone for example finds an sql injection in some $hitty 3-rd party module, written by some dumba$$ wannabe-programmer (let's face the truth, there are very few sql injections left in actual nuke engine) and now we want to use it with GET request - b00m - and sql injection filter will slap you down. So there comes help from my advisory. You can modify exploit string a little bit and ... it will work |
|
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|