I am researching in bypassing Magic Quotes enforced by PHP
Suppose you have a script
grabuserinfo.php?id=NUMERICVALUE
which runs a SELECT statement, to be able to pass a ' through the GET
successfully
I tried
id=CHAR(39,49,49,39)
which is
id='11'
but it breaks after CHAR 32 SPACE character and woul...
Suppose you have a script
grabuserinfo.php?id=NUMERICVALUE
which runs a SELECT statement, to be able to pass a ' through the GET
successfully
I tried
id=CHAR(39,49,49,39)
which is
id='11'
but it breaks after CHAR 32 SPACE character and woul...
[ more ]