It seems like SQL Injection is still possible with mod_security installed ... simply by putting the SQL code in a comment like /*! code_here */ ... this is a version dependent comment so will be executed by mysql, but it's not checked by mod_security (because it is a comment ...)
I tried matching /*! ... with no success ... I tried matching ! and got hits only if the exclamation mark is alone ... as soon as it comes with /*! it doesn't get a match ...
Any ideas on this?
Let me explain by example:
The problem: http://example.com/test.php?id=1/*! UNION SELECT whatever */ does not get blocked
Solution 1 (let's block ! ..):
http://example.com/test.php! (gets blocked)
http://example.com/test.php/*! (does not get blocked)


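An added example, not part of the original post and not mod_security code: a detection-side sketch of why an inspector that discards every `/* ... */` span before matching misses the request above, next to a normalisation that unwraps MySQL version-dependent comments first. The function names, the small signature and the "strip all comments" model are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

# MySQL runs the body of /*! ... */, optionally prefixed by a version number
# such as /*!50000 ... */. Ordinary /* ... */ comments are ignored by the server.
EXEC_COMMENT = re.compile(r"/\*!\d*(.*?)\*/", re.DOTALL)
PLAIN_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)

# Constructed, deliberately small signature; a real rule set is much broader.
SQLI_SIGNATURE = re.compile(r"\bunion\b\s+(?:all\s+)?select\b", re.IGNORECASE)


def strip_all_comments(value):
    """Assumed naive model: every comment is treated as inert and dropped."""
    return PLAIN_COMMENT.sub(" ", value)


def unwrap_executable_comments(value):
    """Keep what MySQL would execute: unwrap /*! ... */, drop plain comments."""
    value = EXEC_COMMENT.sub(lambda m: " " + m.group(1) + " ", value)
    return PLAIN_COMMENT.sub(" ", value)


def has_executable_comment(value):
    """The /*! opener is rare in legitimate parameters, so flag it on its own."""
    return "/*!" in unquote_plus(value)


def inspect(raw_param, normalise):
    """URL-decode, normalise, then apply the signature. True means 'block'."""
    decoded = unquote_plus(raw_param)
    return bool(SQLI_SIGNATURE.search(normalise(decoded)))


if __name__ == "__main__":
    # Constructed samples; the first is the parameter value from the post.
    samples = [
        "1/*! UNION SELECT whatever */",
        "1/*!50000 union select whatever*/",
        "1 /* ordinary note */",
    ]
    for s in samples:
        print(repr(s),
              "naive:", inspect(s, strip_all_comments),
              "unwrapped:", inspect(s, unwrap_executable_comments),
              "opener:", has_executable_comment(s))
```
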