Web application security - the fast guide 1.1 | Page 130

Chapter 6 - Attack execution (2)

6- Forgotten escape: this attack assumes that a sanitization method is in place and escapes every malicious character that might cause a problem, but the developer forgot to handle the escape character itself. The escape character is not a problem on its own, but it allows escaping the escape, which disables the sanitization. An example is an input like ( whatever \;ls ): in this case the sanitization turns the clean input into a poisoned one ( whatever \\;ls ), which reactivates the malicious effect of the semicolon.

7- Defence+Defence=? : sometimes the combination of two defense mechanisms can be used by the attacker to mount a successful attack. An example is the use of an extra single quotation mark to escape a single quotation mark, as a defense mechanism against SQL injection, together with a length limiter that truncates input, as a second mechanism meant to minimize the ability to enter an unexpected amount of data. The flaw is that the attacker can use the second mechanism to break the first. If the user login query was:

Select * from users where username=’user name’ and password=’password’;

Now if the attacker provides a user name containing ( xxxxxxx….xxxx’) where 127(x) cha
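The forgotten escape from item 6, shown as an added Python example that is not from the book: a sanitizer that backslash-escapes metacharacters but not the backslash itself, next to a corrected version. The function names, the metacharacter set and the scanner that models how an unquoted shell context reads backslashes are assumptions made for this illustration.

```python
import shlex

# Characters this toy sanitizer treats as dangerous (constructed set for the demo).
METACHARS = set(";|&$`<>")


def escape_flawed(value):
    """Backslash-escape metacharacters, but forget the backslash itself."""
    return "".join("\\" + c if c in METACHARS else c for c in value)


def escape_fixed(value):
    """Same sanitizer with the escape character added to the escaped set."""
    return "".join("\\" + c if c in METACHARS or c == "\\" else c for c in value)


def active_metachars(escaped):
    """Return the metacharacters that are still unescaped, reading the string
    the way an unquoted shell context does: a backslash consumes the next
    character, whatever that character is."""
    active, i = [], 0
    while i < len(escaped):
        if escaped[i] == "\\":
            i += 2  # the backslash and the character it neutralises
            continue
        if escaped[i] in METACHARS:
            active.append(escaped[i])
        i += 1
    return active


def report(value):
    """Compare what survives each sanitizer for one input."""
    return {
        "flawed": active_metachars(escape_flawed(value)),
        "fixed": active_metachars(escape_fixed(value)),
    }


if __name__ == "__main__":
    # Constructed inputs: the second one is the page's ( whatever \;ls ) case.
    for sample in ["whatever ;ls", "whatever \\;ls"]:
        print(repr(sample), "->", repr(escape_flawed(sample)), report(sample))
        # Standard-library quoting, for comparison with the hand-rolled escapers.
        print("  shlex.quote:", shlex.quote(sample))
```

In real code, passing arguments as a list to the process API (no shell) or using `shlex.quote` avoids maintaining an escape set by hand.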