Open Source and information security mailing list archives
From: pjp at paulo-pereira.net (Paulo Pereira)
Subject: Question: is this exploitable?

Hi,

I'm looking at a web application I built some time back and I found this line:

    $sth = $dbh->prepare("insert into projects values(null,\"$project\")");

I'm using Perl. This looks quite exploitable to me, since $project comes directly from the user without any validation :)

The thing is that I'm yet to find a way to exploit it on the MySQL database I'm using. I tried to make $project like:

    "); insert into other_table value(bla, bla

but prepare only runs one command and complains about this... I also tried

    " + (insert into other_table value(bla, bla

and a bunch of combinations, but I still didn't get the right touch at it and I would like to understand how these things work.

Reading this list is quite helpful; I already found a dozen ways to DoS my application with the insertion of scripts. I think my app was (was?) really.. :) insecure.

Thanks!
Paulo Pereira
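An added example, not part of Paulo's mail, placing the interpolated INSERT from the post next to the placeholder form that DBI supports, so the difference in how the value reaches MySQL is visible. It assumes DBD::mysql, a `projects` table with an auto-increment id plus one name column, and connection details taken from environment variables (all assumptions, not from the post).

```perl
#!/usr/bin/perl
# Added example (not from the original post): string interpolation vs. a
# DBI placeholder for the INSERT discussed in the mail.
use strict;
use warnings;
use DBI;

# Assumed connection details; override via the environment.
my $dsn  = $ENV{APP_DSN}  // 'dbi:mysql:database=app;host=127.0.0.1';
my $user = $ENV{APP_USER} // 'app';
my $pass = $ENV{APP_PASS} // '';
my $dbh  = DBI->connect($dsn, $user, $pass, { RaiseError => 1, PrintError => 0 });

# Constructed sample input: a project name containing a double quote, the
# character the interpolated query uses to delimit its string literal.
my $project = 'Widget "2.0" launch';

# VULNERABLE (the line from the mail): $project is pasted into the SQL text,
# so whatever the user typed becomes part of the statement itself. With this
# sample value MySQL rejects the statement as malformed.
sub insert_interpolated {
    my ($dbh, $project) = @_;
    my $sth = $dbh->prepare("insert into projects values(null,\"$project\")");
    return $sth->execute;
}

# SAFE: the SQL text is fixed; the driver sends $project as a bound value,
# never re-parsed as SQL, so quotes inside it are stored as plain characters.
sub insert_parameterised {
    my ($dbh, $project) = @_;
    my $sth = $dbh->prepare('insert into projects values(null, ?)');
    return $sth->execute($project);
}

# Where a placeholder cannot be used, let the driver escape the literal
# instead of building it by hand.
sub quoted_literal {
    my ($dbh, $project) = @_;
    return 'insert into projects values(null, ' . $dbh->quote($project) . ')';
}

eval { insert_interpolated($dbh, $project) };
print "interpolated query failed: $@" if $@;   # expected with this input

insert_parameterised($dbh, $project);
print "parameterised insert stored: $project\n";
print "quote() would produce: ", quoted_literal($dbh, $project), "\n";

$dbh->disconnect;
```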