WebApp Sec mailing list archives

Re: Paper of insecure in PHP... and doubt in SQL-Injection

From: bloodk <bloodk () Prodigy Net mx>
Date: Fri, 21 Feb 2003 03:40:07 -0500

The most insecure stuff whit PHP is when you put php in
missconfigured virtual servers and/or when you dont use
safe_mode=on and that stuff... Also you SHOULD check php.ini
because if you missconfigure this.... you will get a very
sick surprise...

Well, have a nice day.

Hi,

I'm searching a good paper or collection of papers that
describe problems of PHP with real examples and
eploitations. Like SQL-Injection, danger funcionts, buffer
overflow, ...
ps.: I want read, understand and test it. hehehe :)

Where find this papers ??

Someone have links that i can access ? :)

A little doubt about SQL-Injections... Why some sites and
Visual Basic applications gave-me this error when i try a
SQL-Injection in it:
Microsoft OLE DB Provider for ODBC Drivers error
'80040e21'
ODBC driver does not support the requested properties.

/procura_resp.asp, line 121


This error was caused by insert a ' or '1 under a search
form. :)
Why ?? A different provider ?? Security checks ?? How to
bypass this problem of provider ??

Thkz a lot.

Best Regards.

[ ]'s

Current thread:

Paper of insecure in PHP... and doubt in SQL-Injection sekure (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection Kevin Spett (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection Emanuele Rocca (Feb 20)
- <Possible follow-ups>
- Re: Paper of insecure in PHP... and doubt in SQL-Injection zeno (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection Jason Stout (Feb 20)
- Re: Paper of insecure in PHP... and doubt in SQL-Injection bloodk (Feb 21)