Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
how to bypass keyword filter(e.g..select char)
Posted by: m00zh33
Date: July 02, 2013 10:26AM

hi guys,
there is a blacklist which includes "select,exec,char,master,xp_cmdshell" keywords against SQL injection attack. Using regular expression with non case sensitive match input string. how to bypass it???? aspx+mssql+iis7.5 environment. Many many thanks.

Options: ReplyQuote
Re: how to bypass keyword filter(e.g..select char)
Posted by: firestorm
Date: September 17, 2013 10:21AM

aspx you said!
huh easy.. use your brain.

In case of asap, reach me by mail : syed@syedafzal.in

Options: ReplyQuote


Sorry, only registered users may post in this forum.