Re: Intresting case of SQL Injection

To: "Martin Sarsale (runa@sytes)" <runa@xxxxxxxxxxxxxx>
Subject: Re: Intresting case of SQL Injection
From: Markus Fischer <mfischer@xxxxxxxxxxxxxxxx>
Date: Thu, 4 Dec 2003 23:37:58 +0100
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <60681.127.0.0.1.1070566755.squirrel@xxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <60681.127.0.0.1.1070566755.squirrel@xxxxxxxxxxxxxxxxxxxxxx>
User-agent: Microsoft Outlook Express 5.50.4807.1700.314

On Thu, Dec 04, 2003 at 04:39:15PM -0300, Martin Sarsale (runa@sytes) wrote : 
> Yesterday, we found an interesting case of SQL Injection.
[...]
> The main problem here was that developers where trusting in PHP auto
> escaping which worked in MySQL (and probably PostgreSQL) but not in MSSQL.

    The main problem in fact are developers who do not read the manual
    for their language of choice[tm]. It is documented that
    magic_quotes_sybase = true
    uses the alternate escaping style needed by non-MySQL alike
    databases (eg. MSSQL).

    regards,
        - Markus

References:
- Intresting case of SQL Injection
  - From: Martin Sarsale (runa@sytes)

Prev by Date: Cross Site Scripting in VP-ASP
Next by Date: Re: Linksys WRT54G Denial of Service Vulnerability
Previous by thread: Intresting case of SQL Injection
Next by thread: Intresting case of SQL Injection
Index(es):
- Date
- Thread