Vulnerability Development mailing list archives

Re: malformed sql queries

From: Blue Boar <BlueBoar () thievco com>
Date: Sat, 29 Dec 2001 20:18:42 -0800

Peter Gutmann wrote:


I was more concerned about people doing things like using %39 to escape
filtering for ' characters, a la Microsoft's continuing ".." problems.


That's something I was curious about as well.  I know parts of 
Microsoft's version of the TDS protocol are done in Unicode.  If you
pass the appropriate escape character in Unicode, the script
that's trying to strip out dangerous stuff wouldn't catch it.

The only problem I can see is how do you keep IIS from decoding the
Unicode first (talking about web form access, obviously.)

                                        BB

Current thread:

malformed sql queries Gabriel A. Maggiotti (Dec 29)
- Re: malformed sql queries JayBonci (Dec 29)
- Re: malformed sql queries Francois Scala (Dec 30)
- <Possible follow-ups>
- Re: malformed sql queries Peter Gutmann (Dec 29)
  - Re: malformed sql queries JayBonci (Dec 29)
- Re: malformed sql queries Peter Gutmann (Dec 29)
  - Re: malformed sql queries Blue Boar (Dec 29)
- Re: malformed sql queries Kevin Hegg (Dec 31)