Snort mailing list archives
Re: Generic SQL injection false positives
From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Mon, 28 Dec 2009 17:53:10 -0600
--On December 28, 2009 4:28:18 PM -0600 Graham Bignell <bignell () gmail com> wrote:

> On Mon, Dec 28, 2009 at 5:15 PM, Guise McAllaster <guise.mcallaster () gmail com> wrote:
>> From what I've seen, some SQLi will work using "/**/" instead of spaces. Other bypasses are possible as well I think. Others want to contribute some useful bypasses to spaces?
>
> "+"

+update? Or + update? Or are you referring to %20+update+whatever? If so, the + sign is removed during normalization.

> "%20"

This is a space, which will be converted to a space by the normalization process.

Paul Schmehl, If it isn't already obvious, my opinions are my own and not those of my employer.
******************************************
WARNING: Check the headers before replying
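The point of the exchange above, as an added example that is not part of the original thread and is not Snort's preprocessor code: a signature that expects whitespace between keywords only sees the "/**/", "+" and "%20" forms once the query string has been normalized. The pattern, function names and sample queries are constructed for illustration, and treating "+" as a space follows form-encoding rules as an assumption.

```python
import re
from urllib.parse import unquote_plus

# Constructed keyword pattern for illustration; not taken from any Snort rule.
SQL_UPDATE = re.compile(r"\bupdate\s+\w+\s+set\b", re.IGNORECASE)
INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)
WHITESPACE_RUN = re.compile(r"\s+")


def normalize_query(raw_query: str) -> str:
    """Reduce the space substitutes named in the thread to single spaces."""
    # Decode first so the later steps operate on the decoded characters:
    # "%20" becomes a space and "+" becomes a space (form-encoding assumption).
    decoded = unquote_plus(raw_query)
    # An empty SQL comment such as "/**/" separates tokens like whitespace does.
    without_comments = INLINE_COMMENT.sub(" ", decoded)
    return WHITESPACE_RUN.sub(" ", without_comments).strip()


def matches_signature(raw_query: str, normalize: bool = True) -> bool:
    """Apply the signature to the raw or the normalized query string."""
    text = normalize_query(raw_query) if normalize else raw_query
    return bool(SQL_UPDATE.search(text))


# Constructed sample query strings, one per substitute discussed in the thread,
# plus a benign search that contains the keyword without the SQL structure.
SAMPLES = [
    "q=update%20users%20set%20role",
    "q=update+users+set+role",
    "q=update/**/users/**/set/**/role",
    "q=software+update+available",
]


def compare(samples=SAMPLES):
    """Return (query, raw_match, normalized_match) for each sample."""
    return [
        (s, matches_signature(s, normalize=False), matches_signature(s))
        for s in samples
    ]


if __name__ == "__main__":
    for query, raw_hit, norm_hit in compare():
        print(f"{query!r:40} raw={raw_hit!s:5} normalized={norm_hit}")
```
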