Vulnerability Development mailing list archives

Re: malformed sql queries


From: Francois Scala <fscala () ogilvy net>
Date: Sun, 30 Dec 2001 22:06:28 +0100



"Gabriel A. Maggiotti" wrote:


        http://www.host.com/file?id=121%20into%20outfile%20'/tmp/file.txt'



The solution is that you must make a list of characters that you accept, and
reject anything else.
And you must decode/convert before filtering anything.

For this example, an "id" should contain only numbers or hex chars.

"2114213" => good
"3244; drop table users" => bad, ";" not in the list

-- 
--=>[ Francois Scala / System & Network Administrator ]<=------------
--=>[ Phone: +33 1 40762339 / Fax: +33 1 40762425 ]<=----------------
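
As an added illustration of the advice in the message above (this is not code from Francois's or Gabriel's posts), the following Python shows the allowlist check done in the order he describes: percent-decode the parameter first, then accept it only if every character is in the allowed set. It also shows the mistake he is warning against, a character denylist applied to the still-encoded value, which lets the quoted `id=121%20into%20outfile%20...` URL through because `%20` is not a space yet. The function names, the `0x`-prefixed reading of "hex chars", the bounded repeated decoding, and the test URLs are all my assumptions, constructed for the example.

```python
import re
from urllib.parse import unquote

# Allowlist for the "id" parameter, following the post: a decimal number or,
# as one reading of "hex chars" (assumption), a 0x-prefixed hexadecimal number.
# fullmatch() is used so the whole decoded value must match; anything else is rejected.
ID_ALLOWLIST = re.compile(r"(?:[0-9]+|0x[0-9a-fA-F]+)")

MAX_DECODE_ROUNDS = 3  # assumption: enough rounds to strip double/triple encoding


def fully_decode(value: str) -> str:
    """Percent-decode until the value stops changing (bounded), so an encoded
    space (%20) or a double-encoded one (%2520) cannot hide from the filter."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def raw_query_params(url: str) -> dict:
    """Split the query string WITHOUT decoding, so the decode step is ours to control
    (urllib.parse.parse_qs would decode for us and hide the ordering point)."""
    query = url.partition("?")[2]
    params = {}
    for pair in query.split("&"):
        if not pair:
            continue
        key, _, val = pair.partition("=")
        params[key] = val
    return params


def id_is_valid(raw_value: str) -> bool:
    """Decode first, then accept only if the entire value matches the allowlist."""
    return ID_ALLOWLIST.fullmatch(fully_decode(raw_value)) is not None


def naive_denylist_before_decode(raw_value: str) -> bool:
    """The wrong order: denylisting characters on the still-encoded value.
    %20 is not a space yet, so the quoted injection URL passes this check."""
    return not any(c in raw_value for c in " ;")


# Constructed inputs: the URL quoted in the thread plus a few variants.
INJECTION_URL = "http://www.host.com/file?id=121%20into%20outfile%20'/tmp/file.txt'"
DOUBLE_ENCODED_URL = "http://www.host.com/file?id=121%2520into%2520outfile%2520'/tmp/file.txt'"
GOOD_URL = "http://www.host.com/file?id=2114213"
HEX_URL = "http://www.host.com/file?id=0xFF"


def check(url: str) -> dict:
    """Run both checks on the id parameter of a URL and report what each decided."""
    raw = raw_query_params(url).get("id", "")
    return {
        "decoded": fully_decode(raw),
        "allowlist_after_decode": id_is_valid(raw),
        "denylist_before_decode": naive_denylist_before_decode(raw),
    }


if __name__ == "__main__":
    for u in (GOOD_URL, HEX_URL, INJECTION_URL, DOUBLE_ENCODED_URL):
        print(u, check(u))
```

Running it shows the two good URLs accepted by the allowlist, and both injection variants rejected by it, while the pre-decode denylist accepts them; "3244; drop table users" from the message is rejected by both, because its ";" is literal rather than encoded.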

