[Snort-sigs] Generic SQL injection false positives

Graham Bignell bignell at ...2420...
Mon Dec 28 17:28:18 EST 2009


On Mon, Dec 28, 2009 at 5:15 PM, Guise McAllaster
<guise.mcallaster at ...2420...> wrote:
> >From what I've seen, some SQLi will work using "/**/" instead of
> spaces.  Other bypasses are possible as well I thinks.  Others want to
> contribute some useful bypasses to spaces?

"+"
"%20"

\\//,
Lorax




More information about the Snort-sigs mailing list