Questions tagged [string]
Related to vulnerabilities in string manipulation libraries (e.g., causing a buffer overflow by omitting the null terminator), or to sanitizing input strings.
18 questions
0 votes, 0 answers, 100 views
T-SQL, string injection, REPLACE(@myVariable, '''', '''''') approach? Once and for all
I see there are forums about this question, but everywhere, I fail to see the answer I am looking for.
I have a stored procedure whose purpose is to execute a dynamic SQL statement.
It uses a cursor ...
0 votes, 0 answers, 27 views
Any idea how this 36-character-long string was generated? [duplicate]
I have a personal id "U1KFhYtMqZhCYya6sy31PVLM8DlM5HLCkwy3". I have checked some hash functions but cannot make sure how this was generated. Is this just a random string generated with [a-zA-z0-9]?...
5 votes, 2 answers, 551 views
A runtime sometimes converts string arguments (or string returns) from WTF-16 to UTF-16 between functions in a call stack. Is this a security concern?
Suppose that we have this code (in TypeScript syntax):
function one(str: string): string {
  // do something with the string
  return str
}
function two() {
  let s = getSomeString() // returns some ...
1 vote, 0 answers, 191 views
Attack on a string created by a developer
Go and Java have "compile time constants", and JavaScript will soon get a feature that allows "Distinguishing strings from a trusted developer from strings that may be attacker ...
0 votes, 0 answers, 209 views
When parsing a string to a BigDecimal or BigInteger in Java, or BigInt in JavaScript, are there any known security issues around this?
When parsing a string to a BigDecimal or BigInteger in Java, or BigInt in JavaScript, are there any known security issues around this? Like if you take in the string without validating it's just ...
5 votes, 1 answer, 15k views
How to do string buffer overflow with scanf function?
I'm new to buffer overflow exploitation. I've written a simple C program which will ask the user to input a string (as a password) and match that string with "1235". If matched then it will ...
0 votes, 1 answer, 1k views
How to find just the first character or value of an MD5 hash string
I want to know how to find just the first character or digit in the first part of a 64 length string from an MD5 hash. For example, we have a hash:
...
0 votes, 3 answers, 653 views
What string encoding options are there besides xor? [closed]
When attempting to obfuscate strings in a modern program, xor is probably the most common option. By this I mean running each char of a string through a function which xors the char with some given ...
4 votes, 2 answers, 960 views
Format String Exploitation with limited number of characters possible?
Is the exploitation of a format string vulnerability possible if the number of characters you're allowed to enter is limited?
Let's say I'm just allowed to enter input with 23 characters. I can read ...
2 votes, 2 answers, 570 views
Single or double quotes in PHP?
In general which is safer to use, with regards to XSS evasion in particular?
echo '<input name="'.$input_name.'">';
echo "<input name='$input_name'>";
I'm guessing single quotes, but ...
2 votes, 2 answers, 1k views
Passing query string into a stripe API
How secure is it to pass in to a Stripe website (external, not our own site) some data to prefill a form through the query string? It's an external site so we can't just pass it in encrypted like we ...
-1 votes, 1 answer, 540 views
PHP HASH DECODER [closed]
Please I need help, I bought a PHP mailer, hosted it on my server and found out that it copies all messages and maillist to a different email address,
I examined the code and became suspicious about ...
4 votes, 1 answer, 718 views
String format exploit
I have the following scenario: printf is called with a 20 byte long string (19 characters + 0x00) which I control. The string cannot contain n, s, S and $. My goal is to bypass a strcmp with a random ...
0 votes, 1 answer, 1k views
Is there a good site I can use to convert a string into any encoding? [closed]
I am working on a ctf (capture the flag) challenge and I have a string that I believe is important, but I don't know what encoding it is in. Is there a way I can decode the string in all of the ...
1 vote, 0 answers, 184 views
Implementation of SQL "LIKE" Operator in Database Outsourcing
Recently, I read some papers about DB Outsourcing that implement aggregate functions over encrypted data. What I want to know, is there a method in DB Outsourcing to implement SQL LIKE operator that ...