Alex Turner wrote:
> Can you demonstrate a URL/attack that would constitute an injection
> attack that would get around magic-quotes, or provide some links to
> such?
>
[...]
Just quoting an article in Hackin9 (N°5/2005) I was just reading before
writing my post (page 53, translated from french): "The PHP function
magic_quote() allow to cancel automaticaly the effect of a single quote
using backslashes; however this function is used in conjunction with the
function strip_slashes(), the escaping characters are suppressed."
I admit that I haven't tried and don't realy know how to implement this one
but I presume they have tried. I'll google on this to see if I can find
some demonstration as this is the first time I read this magazine.
After reading this article I tested some of the suggested attacks agains my
Perl CMS engine based on Pg and hopefully the given examples work with
MySQL but I'm reviewing my regexps just in case...
--
MaXX