Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- RuleList=SQL Injection
- [SQL Injection]
- AppliesTo=.asp,.aspx
- DenyDataSection=SQL Injection Strings
- ScanUrl=0
- ScanAllRaw=0
- ScanQueryString=1
- ScanHeaders=SQL Injection Headers
- [SQL Injection Strings]
- --
- %3b ; a semicolon
- /*
- @ ; also catches @@
- char ; also catches nchar and varchar
- alter
- begin
- cast
- convert
- cursor
- declare
- delete
- drop
- end
- exec ; also catches execute
- fetch
- kill
- open
- select
- sys ; also catches sysobjects and syscolumns
- table
- [SQL Injection Headers]
- AppliesTo=.asp,.aspx
- DenyDataSection=SQL Injection Headers Strings
- ScanUrl=0
- ScanAllRaw=0
- ScanQueryString=0
- ScanHeaders=Cookie:
- [SQL Injection Headers Strings]
- --
- @ ; also catches @@
- alter
- cast
- convert
- declare
- delete
- drop
- exec ; also catches execute
- fetch
- insert
- kill
- select
Add Comment
Please, Sign In to add comment