Re: [mod-security-users] Fwd: t:sqlHexDecode
Brought to you by:
victorhora,
zimmerletw
From: Brian R. <bre...@gm...> - 2011-10-26 20:12:59
|
On Wed, Oct 26, 2011 at 1:42 PM, Breno Silva <bre...@gm...> wrote: > It will be decoded to : > > select*from09table This will not work. > > or > > select*from\ttable > > The information is present in both cases but in different way. > > Let's decode everything. If we have any usability issue in future we can > reopen this case. You would probably want to do this, which would not work if you did not fully decode: t:sqlHexDecode,t:compressWhitespace > > thanks > > Breno > > On Wed, Oct 26, 2011 at 1:35 PM, Achim Hoffmann <web...@si...> > wrote: >> >> Am 26.10.2011 13:54, schrieb Breno Silva: >> > Can you give me an example ? >> >> 0x73656C6563742A66726F6D097461626C65 Sigh. Sad that this is even legit. :) -B |