WebApp Sec mailing list archives
RE: RE: Re: about oracle sql injection
From: LAROUCHE Francois <Francois.LAROUCHE () accor com>
Date: Wed, 7 Dec 2005 16:03:55 +0100
Hi Well it depends of the filter if it's a smart regex or a dumb black list. Try this /**/union/**/select (rest of your statement) It might works... or replace the union by its equivalency in hex %75 for u, %6e for n and so on Good luck François Larouche Security Engineer tel: 33 (0) 1 45 38 47 32 / fax: 33 (0) 1 45 38 47 20 mail: francois.larouche () accor com -----Original Message----- From: limor188 () walla co il [mailto:limor188 () walla co il] Sent: Wednesday, December 07, 2005 12:33 PM To: webappsec () securityfocus com Subject: Re: RE: Re: about oracle sql injection hey thanks for your answer,by the way my problem is not a blind,because the server return error messages,but thier is a filter that denied the command:(union select) so i try to put a comment to bypass the signature,or make a url encoding,or pipe,but its still dosent working,so my question:there is more ways to bypass the signture (union select)?????????? if there is any guys that have some nice ideas to bypass the signature,its will be great thanks This e-mail, any attachments and the information contained therein ("this message") are confidential and intended solely for the use of the addressee(s). If you have received this message in error please send it back to the sender and delete it. Unauthorized publication, use, dissemination or disclosure of this message, either in whole or in part is strictly prohibited. ********************************************************************** Ce message électronique et tous les fichiers joints ainsi que les informations contenues dans ce message ( ci après "le message" ), sont confidentiels et destinés exclusivement à l'usage de la personne à laquelle ils sont adressés. Si vous avez reçu ce message par erreur, merci de le renvoyer à son émetteur et de le détruire. Toutes diffusion, publication, totale ou partielle ou divulgation sous quelque forme que se soit non expressément autorisées de ce message, sont interdites. **********************************************************************
Current thread:
- about oracle sql injection limor188 (Nov 29)
- Re: about oracle sql injection Mariusz Pękala (Nov 30)
- Re: about oracle sql injection Javier Fernandez-Sanguino (Dec 01)
- Re: about oracle sql injection Richard Moore (Dec 01)
- <Possible follow-ups>
- RE: about oracle sql injection LAROUCHE Francois (Dec 01)
- Re: about oracle sql injection Javier Fernandez-Sanguino (Dec 02)
- Re: Re: about oracle sql injection limor188 (Dec 05)
- RE: Re: about oracle sql injection LAROUCHE Francois (Dec 06)
- RE: RE: Re: about oracle sql injection LAROUCHE Francois (Dec 07)
- Re: RE: Re: about oracle sql injection limor188 (Dec 07)
- Re: about oracle sql injection Mariusz Pękala (Nov 30)