Re: How to evade white spaces in a SQL injection
From: Javier Fernandez-Sanguino (jfernandez_at_germinus.com)
Date: 03/26/04
- Previous message: Scott Egbert: "Re: Oracle DB Audity"
- In reply to: Falcifer: "How to evade white spaces in a SQL injection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Mar 2004 23:00:35 +0100 To: Falcifer <falcifer2001@yahoo.es>
Falcifer wrote:
> Hi,
>
> I've one aplication coded on asp with a login form and the only
> character that it validates its the withe space.
>
I guess that you mean that it is the only character it _removes_
In any case, did you test with tabs? (i.e. %09 instead of %20)
Also, you might be able to avoid the application if you use
alternative encodings (if it's an IIS server it will automagically
turn %u0020 to a space, which the application might not validate [1])
Regards
Javier
[1] Read the paper 'URL Encoded Attacks: Attacks using the common web
browser' by Gunter Ollmann
---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------
- Previous message: Scott Egbert: "Re: Oracle DB Audity"
- In reply to: Falcifer: "How to evade white spaces in a SQL injection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
