Any here a PhP genius, who is also versed in ModSecurity?
#2
(06-25-2012, 05:48 PM)shoju Wrote: Based on the SQL Character Anomaly Detection Alert - Repetative Non-Word Characters
This is your big clue.

The SQL injection prevention would be looking for special characters, not 0 through 9, A through Z, and a through z. Mostly likely you have a product name or description in the database that has either single or double quotation marks. The easiest types of SQL injection attacks just try to append something simple to a SQL statement e.g. "and 1=1".

Do you have an alternate method of getting to the data stored in the SQL database?
”There are more things in heaven and earth, Horatio, Than are dreamt of in your philosophy." - Hamlet (1.5.167-8), Hamlet to Horatio.

[Image: yVR5oE.png][Image: VKQ0KLG.png]

Reply


Messages In This Thread
RE: Any here a PhP genius, who is also versed in ModSecurity? - by kandrathe - 06-25-2012, 06:02 PM

Forum Jump:


Users browsing this thread: 3 Guest(s)