Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

magic_quotes
From: Wojciech Pawlikowski <wojtek () vline pl>
Date: Fri, 14 Jan 2005 07:59:09 +0100
Hey,
I'm doing penetration test for some company using OSSTMM methodology.
During information gathering stage I've found some SQL injection bug
in their webapp. All I know is they've got some Oracle DB and Linux
webserver with mod_php4 module.
 
My problem is perhaps well known - is there any possibility to bypass
magic_quotes protection ? PHP is 4.3.2, but I don't remember any
vulnerability regarding magic_quotes in this version.

-- 
* Wojciech Pawlikowski :: <ducer at hard-core pl> :: NIC-HDL WP5161-RIPE *
* http://ducer.w00nf.org :: http://www.knockdownhc.com ::  Born to Hate  *

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]