Hackerszone
Welcome Guest,
learn to hack easily with tutorials, python, notepad hacks and more!
Join today, fast and free!

Are you new to hacking? Learn the basics in computer configuration, hacking tools, and hacker terminology all found here on this forum!

Join today!!

Join the forum, it's quick and easy

Hackerszone
Welcome Guest,
learn to hack easily with tutorials, python, notepad hacks and more!
Join today, fast and free!

Are you new to hacking? Learn the basics in computer configuration, hacking tools, and hacker terminology all found here on this forum!

Join today!!
Hackerszone
Would you like to react to this message? Create an account in a few clicks or log in to continue.

Ethical Hacking forums,Ethical hacking, Thehackerszone

Welcome to the one and only hackerszone!!
**NEW UPDATE** You can now reply and write topics as guests!
Search
 
 

Display results as :
 

 

Rechercher Advanced Search

HZ Tracker
Hacking Widget Visitor Details
Latest topics
»  How to study to understand and apply RPA?
SQL injection and Quote escaping EmptyTue Feb 02, 2021 7:12 am by manas41

» SQL injection and Quote escaping
SQL injection and Quote escaping EmptySun Jun 28, 2015 11:42 am by ADS1

» [TUT] Chmod: Files & Permissions [TUT]
SQL injection and Quote escaping EmptyThu Jun 04, 2015 12:45 pm by Guest

» Reaver pixiewps
SQL injection and Quote escaping EmptyThu Jun 04, 2015 12:23 pm by voidfletcher

» How To Crash Someone's Skype in 10 SECONDS
SQL injection and Quote escaping EmptyThu Jun 04, 2015 12:20 pm by voidfletcher

» Internet Security & IP Security (IPSec)
SQL injection and Quote escaping EmptyMon May 18, 2015 9:00 pm by voidfletcher

» [Python] Infinite / Definite File Generator
SQL injection and Quote escaping EmptyMon May 18, 2015 8:58 pm by ADS1

» [C#] String Case-Inversion
SQL injection and Quote escaping EmptyMon May 18, 2015 8:57 pm by ADS1

» Rekall Memory Forensic Framework
SQL injection and Quote escaping EmptySat May 16, 2015 8:55 pm by ADS1

Who is online?
In total there are 2 users online :: 0 Registered, 0 Hidden and 2 Guests

None

[ View the whole list ]


Most users ever online was 38 on Sun Mar 19, 2023 10:07 pm
Most Viewed Topics
How To Crash Someone's Skype in 10 SECONDS
Project: Whatsapp Sniffer
[01 - 05 - 2015] FREE FRESH PROXY LIST
Reaver pixiewps
[TUT] How to increase your Dropbox referral space
Challenge HTTP Response Splitting
How Mozilla saves passwords
[Tutorial] Block All Skype Resolvers! Different Methods - Detailed -
[MAC/WINDOWS/iOS]Patch/Block/Hide IP from ALL Skype Resolvers! [Video]
How to root android phone


SQL injection and Quote escaping

2 posters

Hackerszone :: Programming and secrurity :: Website Exploitation

Go down

SQL injection and Quote escaping Empty SQL injection and Quote escaping

Post by tradesun Sun Jun 28, 2015 8:15 am

$name = $_GET['name']
Select * from table where name = '{$name}'

Is there any way to exploit this kind of code,
considering that it is part of a wordpress app (which mean quotes are being escaped)
so stuff like this will not wok - Page.php?name='; drop table table;
(php and mysql)

I read about a vulnerability only on GBK charset - let say it uses a different charset.
Does it mean that it is completely safe - can any one exploit it?

tradesun
Noob
Noob

Posts : 1
Join date : 2015-06-28

Back to top Go down

SQL injection and Quote escaping Empty Re: SQL injection and Quote escaping

Post by ADS1 Sun Jun 28, 2015 11:42 am

If you asking if it would be possible to exploit a hard filtered SQL, i found a good website that goes pretty in-depth tutorial on how to do it. im not great with SQL youll have to wait till someone more knowledgeable to reply

[You must be registered and logged in to see this link.]

ADS1
Script Kiddie
Script Kiddie

Posts : 17
Join date : 2014-05-31

Back to top Go down

Back to top

- Similar topics

Hackerszone :: Programming and secrurity :: Website Exploitation

 
Permissions in this forum:
You cannot reply to topics in this forum