Full Disclosure mailing list archives
Re: Question: is this exploitable?
From: "Codex" <codex () bogus net>
Date: Sat, 18 Oct 2003 19:30:41 +0100
One way of doing it:

$query = sprintf("insert into projects values(null,%s)", $dbh->quote($project));
$sth = $dbh->prepare($query);

-cdx

----- Original Message -----
From: Paulo Pereira
To: full-disclosure () lists netsys com
Sent: Saturday, October 18, 2003 1:28 PM
Subject: [Full-disclosure] Question: is this exploitable?

Hi,

I'm looking at a web application I built some time back and I found this line:

$sth = $dbh->prepare("insert into projects values(null,\"$project\")");

I'm using Perl. This looks quite exploitable to me since $project comes directly from the user without any validation :)

The thing is that I'm yet to find a way to exploit it on the MySQL database I'm using. I tried to make $project like:

"); insert into other_table value(bla, bla

but prepare only runs one command and complains about this... I also tried

" + (insert into other_table value(bla, bla

and a bunch of combinations, but I still didn't get the right touch at it and I would like to understand how these things work.

Reading this list is quite helpful, I already found a dozen ways to DoS my application with the insertion of scripts. I think my app was (was?) really.. :) insecure.

Thanks!
Paulo Pereira

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
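The mechanics Paulo is asking about, as an added example that is not code from the original thread: the text his Perl line hands to prepare() is run through a minimal lexer that follows MySQL's default quoting rules (both ' and " delimit strings, backslash escapes), so you can see why a stacked-statement payload only produces a second statement that a single prepare() rejects, while a payload that merely closes the double-quoted literal turns the rest of the input into SQL structure (here, a second VALUES row). The same lexer is then run on Codex's quote() construction, and a DBI-style placeholder is shown with sqlite3 in memory. All inputs, the escaping table and the sqlite3 schema are constructed for this example; mysql_quote() is an approximation of what DBD::mysql does, not its code.

```python
"""Added example (not from the original thread): how the string reaching
prepare() is parsed for different values of $project, and what the two
fixes (quote() and a ? placeholder) do instead. All inputs constructed."""
import sqlite3

# Constructed attacker-controlled values for $project.
STACKED = '"); insert into other_table value(bla, bla'   # Paulo's attempt
ROW_INJECTION = 'x"),(null,"y'                          # closes the literal, adds a row


def vulnerable_query(project):
    # Mirror of: $dbh->prepare("insert into projects values(null,\"$project\")")
    return 'insert into projects values(null,"%s")' % project


_MYSQL_ESCAPES = {
    "\0": "\\0", "\n": "\\n", "\r": "\\r", "\\": "\\\\",
    "'": "\\'", '"': '\\"', "\x1a": "\\Z",
}


def mysql_quote(value):
    """Approximation (assumption) of DBD::mysql's $dbh->quote(): single-quote the
    value and backslash-escape the characters the MySQL client library escapes."""
    return "'" + "".join(_MYSQL_ESCAPES.get(ch, ch) for ch in value) + "'"


def quoted_query(project):
    """Mirror of Codex's fix: sprintf("insert into projects values(null,%s)", $dbh->quote($project))"""
    return "insert into projects values(null,%s)" % mysql_quote(project)


def lex(query):
    """Split a statement the way MySQL's parser does under default settings
    (ANSI_QUOTES off): both ' and " open a string literal, backslash escapes
    the next character, a doubled delimiter is a literal quote.
    Returns (skeleton, literals, terminated); skeleton has every literal
    replaced by ?, so whatever is left in it is parsed as SQL structure.
    Escaped characters are kept verbatim (\\n stays n), enough for this purpose."""
    skeleton, literals = [], []
    i, n = 0, len(query)
    while i < n:
        c = query[i]
        if c not in "'\"":
            skeleton.append(c)
            i += 1
            continue
        delim, buf = c, []
        i += 1
        terminated = False
        while i < n:
            ch = query[i]
            if ch == "\\" and i + 1 < n:
                buf.append(query[i + 1])
                i += 2
            elif ch == delim and i + 1 < n and query[i + 1] == delim:
                buf.append(delim)
                i += 2
            elif ch == delim:
                terminated = True
                i += 1
                break
            else:
                buf.append(ch)
                i += 1
        literals.append("".join(buf))
        skeleton.append("?")
        if not terminated:
            return "".join(skeleton), literals, False
    return "".join(skeleton), literals, True


def statement_count(query):
    """Semicolons outside string literals separate statements. DBD::mysql sends
    the text as one statement, so anything above 1 is what the server complains about."""
    return lex(query)[0].count(";") + 1


def store_with_placeholder(project):
    """The DBI way: prepare("insert into projects values(null,?)"), execute($project).
    Shown with sqlite3 in memory (constructed schema): the value never enters the
    SQL text, so it is stored verbatim as a single row."""
    con = sqlite3.connect(":memory:")
    con.execute("create table projects(id integer primary key, name text)")
    con.execute("insert into projects values(null,?)", (project,))
    rows = [r[0] for r in con.execute("select name from projects")]
    con.close()
    return rows


if __name__ == "__main__":
    for label, q in (("stacked", vulnerable_query(STACKED)),
                     ("row injection", vulnerable_query(ROW_INJECTION)),
                     ("quoted", quoted_query(ROW_INJECTION))):
        skeleton, literals, ok = lex(q)
        print(f"{label:14} statements={statement_count(q)} skeleton={skeleton!r} "
              f"literals={literals} terminated={ok}")
    print("placeholder   ", store_with_placeholder(ROW_INJECTION))
```

Running it shows the stacked payload lexing to two statements with an unterminated literal (the "complains about this" case), the row-injection payload lexing to `insert into projects values(null,?),(null,?)` with two separate literals `x` and `y`, and both fixes reducing the input to exactly one literal in exactly one VALUES row. The placeholder form is the one to prefer: the server receives the parameter separately and no escaping table has to be right.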
Current thread:
- Question: is this exploitable? Paulo Pereira (Oct 18)
- Re: Question: is this exploitable? Jonathan A. Zdziarski (Oct 18)
- Re: Question: is this exploitable? Jason Dixon (Oct 18)
- Re: Question: is this exploitable? Randal L. Schwartz (Oct 18)
- Re: Question: is this exploitable? John Sage (Oct 18)
- Re: Question: is this exploitable? Codex (Oct 18)
- Re: Question: is this exploitable? Jonathan A. Zdziarski (Oct 18)
- Re: Question: is this exploitable? Paul Tinsley (Oct 18)
- Re: Question: is this exploitable? Jonathan A. Zdziarski (Oct 18)
- Re: Question: is this exploitable? Paul Tinsley (Oct 18)
- Re: Question: is this exploitable? Jonathan A. Zdziarski (Oct 18)
- Re: Question: is this exploitable? Jonathan A. Zdziarski (Oct 18)