Message-ID: <2257CDDC.7EEDB896.0B183C67@netscape.net>
Date: Sat Aug 20 06:43:55 2005
From: GabbarRang at netscape.net (Gabbar Sing)
Subject: SQL Injection.
Thanks, I would definitely check on magic_quotes, but the fact is it escapes those characters, so there's no way... it's susceptible to SQL injection. And of course, that I am asking this question here means the developer has not done any kind of sanitization checking. So, if SQL injection is not possible, even the XSS given below won't be the case, I guess:
'><script>alert('ur hacked')</script>
Thanks,
Gabbar.
Jeremy Bishop <requiem@...etor.org> wrote:
>On Friday 19 August 2005 20:20, Gabbar Sing wrote:
>> Hi,
>>
>> We have an internal web application written in PHP, in which the
>> developer has got following line.
>
><snip>
>
>> At first sight I thought it's very much vulnerable to SQL Injection,
>> but I am just not able to demonstrate it. As when I send the
>> character " ' " it just escapes it before sending query to db as " '
>> " thus failing my injection.
>
>PHP has a feature known as magic quotes that can provide automatic
>escaping of quotes in user-submitted data. I believe the configuration
>variables to look at are "magic_quotes_gpc" and "magic_quotes_sybase",
>or some variation on those; the documentation should be more revealing.
>
>The developer may also have manually sanitized the data; I assume you
>have checked for that already? The ideal means of handling input would
>be to have the code check whether magic quotes are enabled and to take
>appropriate action based on the result of that check.
>
>--
>My group's mission statement - 'You want *what* ? By *WHEN* ?'
> -- Simon Burr
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
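An added example, not part of either message and not the application's code (which the thread snips): quote escaping of the kind magic quotes applied only inserts backslashes, so this sketch passes the string quoted above through a bound query parameter and HTML-encodes it at output instead. It assumes PHP with PDO and an in-memory SQLite database; the `comments` table and all function names are hypothetical, and `addslashes()` stands in for the escaping magic quotes performed.

```php
<?php
// Added example: hypothetical table and function names, constructed input.

// Constructed sample input: the string quoted in the message above.
$input = "'><script>alert('ur hacked')</script>";

// What quote escaping does to it: backslashes before quotes, nothing else.
$escaped = addslashes($input);

// Store with a bound parameter: the query text never contains the data,
// so it does not matter whether an escaping layer ran first.
function store_comment(PDO $db, string $body): int
{
    $stmt = $db->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
    return (int) $db->lastInsertId();
}

function load_comment(PDO $db, int $id): string
{
    $stmt = $db->prepare('SELECT body FROM comments WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Encode at render time for the HTML context, quotes included.
function render_comment(string $body): string
{
    $safe = htmlspecialchars($body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p>' . $safe . '</p>';
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');

$id     = store_comment($db, $input);
$stored = load_comment($db, $id);
$html   = render_comment($stored);

printf("stored value equals input:      %s\n", var_export($stored === $input, true));
printf("escaped value:                  %s\n", $escaped);
printf("escaped value has <script> tag: %s\n", var_export(strpos($escaped, '<script>') !== false, true));
printf("rendered HTML:                  %s\n", $html);
printf("rendered HTML has <script> tag: %s\n", var_export(strpos($html, '<script>') !== false, true));
```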