RE: SQL Smuggling

2008-09-11 Thread Gary Oleary-Steele
      + URI.escape(c)
    end
  end
  return newstr
end
print Enter string to URL Unicode:
puts unicode_url(gets)

From: Tim [EMAIL PROTECTED]
Sent: 10 September 2008 00:34
To: [EMAIL PROTECTED]
Cc: bugtraq@securityfocus.com
Subject: Re: SQL Smuggling

Re: SQL Smuggling

2008-09-10 Thread Tim
are not blocked or discovered. The paper can be found at: http://www.ComsecGlobal.com/framework/Upload/SQL_Smuggling.pdf From the paper: This paper will present a new class of attack, called SQL Smuggling. ... I don't see how this is a new class of attack. You've merely outlined some techniques

SQL Smuggling

2008-09-09 Thread douglen
SQL Smuggling. SQL Smuggling is a sub-class of SQL Injection attacks that rely on differences between contextual interpretation performed by the application platform and the database server. While numerous instances of SQL Smuggling are commonly known, it has yet to be examined as a discrete