#4 Simple SQL Injection not working

Version 2.x

I am running Mutillidae 2.3.9 it on the latest Debian stable (6.0.6) on a x86 VM.

PHP is version 5.3.3.-7+squeeze14
Mysql is version 5.1.63-0+squeeze1

magic_quotes are disabled, suhoshin is not installed.

However, I ran into a problem which I a\'m not sure if it is a real problem or if I am just too stupid to figure it out ;)


The very first SQL Injection \\\" \\\' or 1=1 -- \\\" wouldn\\\'t work with my setup - but it was throwing up error messages that didn\\\'t fit the expected SQL Injection errors (see screenshot).

Turns out the SQL-Statement inside \\\"process-login-attempt.php\\\" didn\\\'t like the \\\"\\\'or 1=1 --\\\".

Line 45: $LogHandler->writeToLog(\\\"Attempt to log in by user: \\\" . $username);

After turning that into

$LogHandler->writeToLog(\\\"Attempt to log in by user: \\\" $MySQLHandler->escapeDangerousCharacters($username));

the SQL Injection on the login form would work as expected (sounds weird ;)).

I am not sure if I am just missing a point here and I\\\'m a complete idiot or if that is in fact a bug.


  • larsit0

    larsit0 - 2012-10-25

    SQL Error

  • Jeremy Druin

    Jeremy Druin - 2013-01-12
    • status: open --> closed-fixed

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks