Penetration Testing mailing list archives
Re: any sql injection bypass on filters?
From: Speedy <speedimus () gmail com>
Date: Thu, 23 Sep 2010 02:32:09 -0500
As an idea for another option, If you are able to influence which error message that you receive based upon your input, perhaps you could adapt your attack for Blind SQL injection. -Speedy On Sep 22, 2010, at 4:46 PM, The Dead <th3d34d () gmail com> wrote:
Hi Jacky, If you send for example a common string, the application with filter it? Sample: ASC, (case when (2=2) then foo else bar end) If the application fail to filter it probably you will got an error like: Unknow column 'foo'.... Try it! On Wed, Sep 22, 2010 at 5:35 PM, Jacky Jack <jacksonsmth698 () gmail com> wrote:Hi I'm currently on a php web application page which issues an error message when submitting invalid value for "sort" parameter. But the application accepts only a-zA-Z for this parameter. I've tried to bypass it by char(), hex(). If I change its parameter value to a value other than "ASC", "DESC", the application issues a generic sql error starting with "You have an error in your SQL syntax". So, in this situation, can the application still be assumed as vulnerable to sql injection? Thank you. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- any sql injection bypass on filters? Jacky Jack (Sep 22)
- Re: any sql injection bypass on filters? The Dead (Sep 22)
- Re: any sql injection bypass on filters? Speedy (Sep 23)
- Re: any sql injection bypass on filters? Jacky Jack (Sep 23)
- Re: any sql injection bypass on filters? Dan Crowley (Sep 23)
- Re: any sql injection bypass on filters? Speedy (Sep 23)
- Re: any sql injection bypass on filters? Joe Peters (Sep 23)
- Re: any sql injection bypass on filters? Jacky Jack (Sep 23)
- Re: any sql injection bypass on filters? Joe Peters (Sep 23)
- Re: any sql injection bypass on filters? Jacky Jack (Sep 23)
- Re: any sql injection bypass on filters? The Dead (Sep 22)