Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Generic SQL injection false positives

From: Graham Bignell <bignell () gmail com>
Date: Mon, 28 Dec 2009 17:28:18 -0500
On Mon, Dec 28, 2009 at 5:15 PM, Guise McAllaster
<guise.mcallaster () gmail com> wrote:

From what I've seen, some SQLi will work using "/**/" instead of

spaces.  Other bypasses are possible as well I thinks.  Others want to
contribute some useful bypasses to spaces?


"+"
"%20"

\\//,
Lorax

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
Previous By Date Next
Previous By Thread Next

Current thread: