Search
Latest topics
Who is online?
In total there are 2 users online :: 0 Registered, 0 Hidden and 2 Guests None
Most users ever online was 38 on Sun Mar 19, 2023 10:07 pm
Most Viewed Topics
SQL injection and Quote escaping
2 posters
Page 1 of 1
SQL injection and Quote escaping
$name = $_GET['name']
Select * from table where name = '{$name}'
Is there any way to exploit this kind of code,
considering that it is part of a wordpress app (which mean quotes are being escaped)
so stuff like this will not wok - Page.php?name='; drop table table;
(php and mysql)
I read about a vulnerability only on GBK charset - let say it uses a different charset.
Does it mean that it is completely safe - can any one exploit it?
Select * from table where name = '{$name}'
Is there any way to exploit this kind of code,
considering that it is part of a wordpress app (which mean quotes are being escaped)
so stuff like this will not wok - Page.php?name='; drop table table;
(php and mysql)
I read about a vulnerability only on GBK charset - let say it uses a different charset.
Does it mean that it is completely safe - can any one exploit it?
tradesun- Noob
- Posts : 1
Join date : 2015-06-28
Re: SQL injection and Quote escaping
If you asking if it would be possible to exploit a hard filtered SQL, i found a good website that goes pretty in-depth tutorial on how to do it. im not great with SQL youll have to wait till someone more knowledgeable to reply
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
ADS1- Script Kiddie
- Posts : 17
Join date : 2014-05-31
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Tue Feb 02, 2021 7:12 am by manas41
» SQL injection and Quote escaping
Sun Jun 28, 2015 11:42 am by ADS1
» [TUT] Chmod: Files & Permissions [TUT]
Thu Jun 04, 2015 12:45 pm by Guest
» Reaver pixiewps
Thu Jun 04, 2015 12:23 pm by voidfletcher
» How To Crash Someone's Skype in 10 SECONDS
Thu Jun 04, 2015 12:20 pm by voidfletcher
» Internet Security & IP Security (IPSec)
Mon May 18, 2015 9:00 pm by voidfletcher
» [Python] Infinite / Definite File Generator
Mon May 18, 2015 8:58 pm by ADS1
» [C#] String Case-Inversion
Mon May 18, 2015 8:57 pm by ADS1
» Rekall Memory Forensic Framework
Sat May 16, 2015 8:55 pm by ADS1