Andres,

> But this isn't a buffer overflow, a format string, or something like
> that, the only thing that I have to add is a 0xc0 char in front of
> every character that would be normally escaped ( ; | & and some others
> ). And by "exploiting" this vulnerability, w3af would be bypassing a
> filter, like the ones that w3af bypasses when "fighting back"
> gpc_magic_quotes in SQL injection exploitation.

Yes, but gpc_magic_quotes is a PHP-specific option (for all versions before 6). And bypassing is a specific security issue in PHP of specific versions on specific platforms (locales). I agree with José that w3af isn't a vulnerability exploitation framework, so it may be out of the scope of the project.

--
Тарас Иващенко (Taras Ivashchenko), OSCP
www.securityaudit.ru
----
"Software is like sex: it's better when it's free." - Linus Torvalds
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop