libinjection icon indicating copy to clipboard operation
libinjection copied to clipboard

Published 20 hours ago verified publisher icon client9

Fix for MySQL, MSSQL whitespace evasion

Open jzy2000 opened this issue 9 years ago • 2 comments

Quick fix for http://www.websec.ca/blog/view/Bypassing_WAFs_with_SQLMap#sthash.uNJMATB3.dpuf%27= where it states: "MySQL allows characters 09, 0A-0D, A0 to be used as whitespaces while MSSQL allows a much wider range, from 01-1F.".

jzy2000 avatar Mar 29 '16 03:03 jzy2000

why are tests failing?

client9 avatar Mar 29 '16 16:03 client9

It's b/c UTF-8 code involved in some test cases, which also has ascii code falling btn 1-31. What's better way to address this issue in your view?

jzy2000 avatar Mar 29 '16 20:03 jzy2000