>> !! So..., adding a comment isn't always the best. Could you please think
>> !! about an example where 1 AND 1=1 wouldn't work, and 1 AND 1=1-- would?

I think you're right, Andres... I tried to figure out an example but still haven't found one. By the way, I could ask you: "Could you please think of an example where 1 AND 1=1 works and 1 AND 1=1-- wouldn't?"

But we can avoid these questions until 'fuzz vectors' are stored inside plugins. For now, since you only need to check if a webappz is blindSQLInjection vulnerable, query strings like:

?id=1+0

are enough on numerical values (as well as:

?id=CONCAT('str','ing')

on strings)
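
The arithmetic-equivalence check discussed in this message, written as a regression test a developer can run against their own data-access code. This is an added example, not code from the thread or from w3af. The table, the function names and the in-memory SQLite database are hypothetical, and it assumes the parameter value reaches the SQL layer as the literal text `1+0`.

```python
import sqlite3


def make_db():
    # Constructed sample data for the example.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [(1, "alpha"), (2, "beta")])
    return db


def lookup_concatenated(db, raw_id):
    # Weak form: the parameter text becomes part of the SQL statement,
    # so the database evaluates "1+0" as an expression.
    return db.execute(
        "SELECT name FROM items WHERE id = " + raw_id).fetchall()


def lookup_parameterized(db, raw_id):
    # Hardened form: the parameter is bound as data and never parsed as SQL.
    return db.execute(
        "SELECT name FROM items WHERE id = ?", (raw_id,)).fetchall()


def evaluates_input_as_sql(lookup, db):
    """True if the lookup treats its parameter as a SQL expression.

    "1+0" must return the same rows as "1", and "1+1" must return
    different rows, which rules out a lookup that ignores the parameter.
    """
    baseline = lookup(db, "1")
    same = lookup(db, "1+0") == baseline
    differs = lookup(db, "1+1") != baseline
    return bool(baseline) and same and differs


if __name__ == "__main__":
    db = make_db()
    print("concatenated :", evaluates_input_as_sql(lookup_concatenated, db))
    print("parameterized:", evaluates_input_as_sql(lookup_parameterized, db))
```
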