<p>@Laxus It depends not really on the encodings used, but on the assumed encodings. If the PHP code assumes one encoding (which usually isn't UTF-8 because PHP can't handle multibyte strings by default so it just takes a character for every byte) while the database uses another (for example UTF-8)</p>
<p>The UTF-8 scheme can use multiple bytes to encode a code point to a character, as can be seen on the wiki page <a href="http://en.wikipedia.org/wiki/UTF-8" rel="nofollow">http://en.wikipedia.org/wiki/UTF-8</a> </p>
<p>Codepoints below 127 are stored in a single byte using the following scheme:</p>
<p>0xxx xxxx </p>
<p>where x is the bits of the code point. If a codepoint is above 127 (ie: more than 7 bits) it uses two bytes:</p>
<p>110x xxxx 10xx xxxx</p>
<p>The ' has a codepoint of 27 (hex) or 10 0111 (binary). Normally this is stored in a single byte</p>
<p>0 <strong>010</strong> <strong>0111</strong></p>
<p>in hex still: 27</p>
<p>A malicious attacker could choose to store this in two bytes (padded with 0's) </p>
<p>110 <strong>0</strong> <strong>0000</strong> 10 <strong>10</strong> <strong>0111</strong></p>
<p>and in hex: C0 A7</p>
<p>Now PHP processes this and assumes these two bytes are two separate characters (because it just uses ASCII). It tries to replace 27 by nothing, but the string only contains C0 and A7 so no 27 is found. However, the database does understand UTF-8 and decodes this code point back to '. </p>
<p><strong>Possible Injection!!</strong></p>
<p>These types of encodings are called overlong encodings and aren't really valid UTF-8 characters, but they might just slip through a buggy UTF-8 implementation.</p>
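<p>The C0 A7 case from the comment above, worked through as an added example that is not part of the original comment: a byte-level filter misses the overlong quote, a lax decoder restores it, and an overlong scan or strict validation rejects the input before any filtering. The function names, the sample input and the lax decoder (a hypothetical stand-in for the buggy implementation) are constructed for illustration.</p>

```python
# Added illustration; names and sample input are constructed, not from the comment.
SAMPLE = b"O\xc0\xa7Brien"  # C0 A7 is the overlong two-byte form of 0x27 (')


def strip_quote_bytewise(raw: bytes) -> bytes:
    """The filter the comment describes: one byte = one character, drop 0x27."""
    return raw.replace(b"\x27", b"")


def lax_decode(raw: bytes) -> str:
    """Hypothetical buggy decoder: accepts any 110xxxxx 10xxxxxx pair and
    never checks that the value actually needed two bytes."""
    out, i = [], 0
    while i < len(raw):
        b = raw[i]
        if 0xC0 <= b <= 0xDF and i + 1 < len(raw) and (raw[i + 1] & 0xC0) == 0x80:
            out.append(chr(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F)))
            i += 2
        else:
            out.append(chr(b) if b < 0x80 else "\ufffd")
            i += 1
    return "".join(out)


def overlong_offsets(raw: bytes) -> list:
    """Offsets of lead bytes that start a non-shortest-form sequence."""
    hits = []
    for i, b in enumerate(raw):
        nxt = raw[i + 1] if i + 1 < len(raw) else 0
        if (b in (0xC0, 0xC1)                             # 2 bytes for a 7-bit value
                or (b == 0xE0 and 0x80 <= nxt <= 0x9F)    # 3 bytes for < U+0800
                or (b == 0xF0 and 0x80 <= nxt <= 0x8F)):  # 4 bytes for < U+10000
            hits.append(i)
    return hits


def decode_strict(raw: bytes):
    """Validate first: Python's UTF-8 codec rejects overlong forms."""
    try:
        return raw.decode("utf-8", errors="strict")
    except UnicodeDecodeError:
        return None


if __name__ == "__main__":
    filtered = strip_quote_bytewise(SAMPLE)
    print(filtered == SAMPLE)        # the filter found no 0x27 byte to remove
    print(lax_decode(filtered))      # the lax decoder restores the quote
    print(overlong_offsets(SAMPLE))  # detection: offset of the C0 lead byte
    print(decode_strict(SAMPLE))     # strict validation refuses the input
```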
 
