Donate to us via Paypal!
Never in the field of human conflict was so much owed by so many to so few. - Winston Churchill
Saturday, November 28, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 93
Guests Online: 91
Members Online: 2

Registered Members: 130552
Newest Member: Johnfoege
Latest Articles

View Thread

HellBound Hackers | Computer General | Web hacking

Author

Dodging the annoying /s for quotes

n30
Member

Your avatar

Posts: 49
Location: USA
Joined: 18.08.06
Rank:
Monster
Posted on 07-10-06 15:34
Okay, right, I found this site that is possibly vurnerable to SQL injection, one problem: it changes ' to \'
Any ideas on how to get around it? I know it's possible, because someone emailed me about MY site showing how he got around it, but my email account was locked, so I can't see it.

Thanx in advance B)


<Insert sig here>
Author

RE: Dodging the annoying /s for quotes

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 07-10-06 17:04
n30 wrote:
it changes ' to \'


Google for addslashes()
That is a way to prevent exploits...


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: Dodging the annoying /s for quotes


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-10-06 18:02
But addslashes is hackable, they should be using mysql_real_unesape

Check here


Author

RE: Dodging the annoying /s for quotes


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-10-06 10:32
mozzer wrote:
But addslashes is hackable, they should be using mysql_real_unesape

Check here


But that's under a non-default configuration of PHP.
Author

RE: Dodging the annoying /s for quotes


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-11-06 02:04
Works only in chinese :angry: