How to evade white spaces in a SQL injection

From: Falcifer (falcifer2001@yahoo.es)
Date: Thu Mar 25 2004 - 08:00:08 EST


Hi,

I've one aplication coded on asp with a login form and the only
character that it validates its the withe space.

Can i perform a sql injection on it? how?

Thanks

PD: the DBMS its SQL server

---------------------------------------------------------------------------
You're a pen tester, but is google.com still your R&D team?
Now you can get trustworthy commercial-grade exploits and the latest
techniques from a world-class research group.
www.coresecurity.com/promos/sf_ept1
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:51 EDT