Amusing -- but without the leading single-quote it would take intentional effort for a programmer to detonate this payload.
Its omission is interesting though. Does it indicate an incompetent attacker, or is companieshouse.gov.uk using some bespoke approach like "delete all single quotes" instead of actually quoting strings? -Rowan On 6 May 2018 at 06:57, Simon Slavin <slav...@bigfraud.org> wrote: > This is a genuine company registered under the UK Companies Act: > > <https://beta.companieshouse.gov.uk/company/10542519> > > The name of company is > > ; DROP TABLE "COMPANIES";-- LTD > > (Note: For legal reasons a UK company name must end in 'LTD' or 'plc', > depending on the type of company it is.) > > Simon. > _______________________________________________ > sqlite-users mailing list > sqlite-users@mailinglists.sqlite.org > http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users > _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
