摘要:
SQLi filter evasion cheat sheet(MySQL)This week I presented my experiences in SQLi filter evasion techniques that I have gained during 3 years ofPHPIDSfilter evasion at the CONFidence 2.0 conference. You can find the slideshere. For a quicker reference you can use the following cheatsheet. More deta 阅读全文
摘要:
While participating at some CTF challenges like Codegate10 or OWASPEU10 recently I noticed that it is extremely trendy to build SQL injection challenges with very tough filters which can be circumvented based on the flexibleMySQL syntax. In this post I will show some example filters and how to explo 阅读全文