HomeForumsBugs
 Database Security. Database Auditing. Database Caching. Database Masking. Get it now

another bypass

Posted September 25th, 2008 by Reiners
in

username: ' <~ '
password: ')=SHA('

there are plenty more possibilities to obfuscate a "true condition".

greetings,
Reiners

for more information why this works, please refer to:
http://bugs.mysql.com/bug.php?id=39337

‹ I could bypass Passed the test.. ›

Comments

Hi Reiners I will validate

On October 1st, 2008 yoav says:

Hi Reiners

I will validate all the patterns you reported and fix the missing ones in the new application version.

Thanks,
Yuli

Back to top