WhitewidowScanner / whitewidow

SQL Vulnerability Scanner
973 stars 234 forks source link

Using multiple SQL Injection symbols #12

Closed bararchy closed 8 years ago

bararchy commented 8 years ago

Right now I see you use ', it would give better results to use ` instead.

Also, using ; and -- would be interesting too. how about trying again with different symbol if the check failed to produce SQL results ?

Ekultek commented 8 years ago

This will be done with the advanced decoding. Feel free to try and code your own ideas into whitewidow and contribute!

Leaving this open because I like the idea Sent from my iPhone

On Apr 11, 2016, at 4:05 AM, Bar Hofesh notifications@github.com wrote:

Right now I see you use ', it would give better results to use ` instead.

Also, using ; and -- would be interesting too. how about trying again with different symbol if the check failed to produce SQL results ?

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub

Ekultek commented 8 years ago

I am a little interested to know what the -- would do. As far as I know that's just used for comments in certain DB's?

Ekultek commented 8 years ago

Added and will be added with release of 1.0.6, you're going to like this release