PDA

View Full Version : SQL injections coming up!!


Sammy Who??
04-27-2009, 12:11 PM
;).....
Coyote
04-27-2009, 12:13 PM
In the immortal words of Fernando:

??
Sammy Who??
04-29-2009, 01:09 PM
after the SQL injections i'll submit hexadecimal text dumps to the server. :biggrin:
Va Beach VH Fan
04-29-2009, 02:29 PM
Not a very smart idea, making threats against the server...
Nickdfresh
04-29-2009, 03:22 PM
after the SQL injections i'll submit hexadecimal text dumps to the server. :biggrin:

Is that like the sperm being injected up your ass?
WARF
04-29-2009, 03:47 PM
Good luck, parameterized statements are enforced.
FORD
04-29-2009, 04:30 PM
http://i44.photobucket.com/albums/f39/philonikes/gaypanda.jpg
WARF
04-30-2009, 02:50 AM
I'd call him a troll, but I don't have that much respect!
Sammy Who??
05-03-2009, 09:40 PM
WARF is a jackass! :biggrin:

This site is history.
Dr. Love
05-03-2009, 09:48 PM
http://amuse.hamsterpaj.net/distribute/image/do_it_faggot_2.jpg
Nickdfresh
05-03-2009, 10:31 PM
A Googles on "Sammy Who's" IP:

67.159.44.51

67.159.44.51 - Google Search (http://www.google.com/search?q=67.159.44.51&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a)

And oh yeah, it is most definitely a proxy... :)
hideyoursheep
05-04-2009, 12:36 AM
According to my IP, I'm Larry the Cable Guy.
WARF
05-04-2009, 02:33 AM
after the SQL injections i'll submit hexadecimal text dumps to the server. :biggrin:

Ohhhhhhhh.... Jimmmm-may!
Sammy Who??
05-13-2009, 10:50 PM
<%
‘Format SQL Query function
Private Function formatSQLInput(ByVal strInputEntry)

‘Remove malicious characters from links and images
strInputEntry = Replace(strInputEntry, “<”, “<”)
strInputEntry = Replace(strInputEntry, “>”, “>”)
strInputEntry = Replace(strInputEntry, “[”, “[”)
strInputEntry = Replace(strInputEntry, “]”, “]”)
strInputEntry = Replace(strInputEntry, “”"”, “”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “=”, “=”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “‘”, “””, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “select”, “select”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “join”, “join”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “union”, “union”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “where”, “where”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “insert”, “insert”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “delete”, “delete”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “update”, “update”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “like”, “like”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “drop”, “drop”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “create”, “create”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “modify”, “modify”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “rename”, “rename”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “alter”, “alter”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “cast”, “cast”, 1, -1, 1)

‘Return
formatSQLInput = strInputEntry
End Function
Nickdfresh
05-13-2009, 11:02 PM
<&#37;
‘Format SQL Query function
Private Function formatSQLInput(ByVal strInputEntry)

‘Remove malicious characters from links and images
strInputEntry = Replace(strInputEntry, “<”, “<”)
strInputEntry = Replace(strInputEntry, “>”, “>”)
strInputEntry = Replace(strInputEntry, “[”, “[”)
strInputEntry = Replace(strInputEntry, “]”, “]”)
strInputEntry = Replace(strInputEntry, “”"”, “”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “=”, “=”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “‘”, “””, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “select”, “select”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “join”, “join”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “union”, “union”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “where”, “where”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “insert”, “insert”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “delete”, “delete”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “update”, “update”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “like”, “like”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “drop”, “drop”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “create”, “create”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “modify”, “modify”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “rename”, “rename”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “alter”, “alter”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “cast”, “cast”, 1, -1, 1)

‘Return
formatSQLInput = strInputEntry
End Function

:handjob:

Why don't you get another hot-beef "injection," knob-hardener?
Dr. Love
05-13-2009, 11:30 PM
How cute, it's learned to copy and paste.
LoungeMachine
05-14-2009, 01:51 AM
<%
‘Format SQL Query function
Private Function formatSQLInput(ByVal strInputEntry)

‘Remove malicious characters from links and images
strInputEntry = Replace(strInputEntry, “<”, “<”)
strInputEntry = Replace(strInputEntry, “>”, “>”)
strInputEntry = Replace(strInputEntry, “[”, “[”)
strInputEntry = Replace(strInputEntry, “]”, “]”)
strInputEntry = Replace(strInputEntry, “”"”, “”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “=”, “=”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “‘”, “””, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “select”, “select”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “join”, “join”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “union”, “union”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “where”, “where”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “insert”, “insert”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “delete”, “delete”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “update”, “update”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “like”, “like”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “drop”, “drop”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “create”, “create”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “modify”, “modify”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “rename”, “rename”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “alter”, “alter”, 1, -1, 1)
strInputEntry = Replace(strInputEntry, “cast”, “cast”, 1, -1, 1)

‘Return
formatSQLInput = strInputEntry
End Function



These read like Sammy Hagar lyrics.....

:gulp:
chefcraig
05-14-2009, 02:00 AM
These read like Sammy Hagar lyrics.....

:gulp:

Nah. A friend of mine had a super-primitive computerish game console around 1986 or so, upon which he'd spend the greater part of a Friday evening (starting around 7:30PM) typing in gibberish such as this. Finally, roughly around 1AM (or when the repeat of USA's NIGHT FLIGHT would start), he'd unveil the result of his carpal tunnel inducing effort: The first three or four bars of a guitar solo from a five-year old single by The Cars. http://www.easyfreesmileys.com/smileys/free-ashamed-smileys-705.gif (http://www.easyfreesmileys.com/)