how to escabe from ( ' )

March 10, 2011 at 08:44:01
Specs: Windows 7
I'm working in penetration testing .....
and this abt bugs in phpmyadmin/scripts/setup.php file
in that file i must enter some configuration like this .....
enter the database name
$cfg['Servers'][$i]['only_db'] = 'mysql';

but i'm trying to modify the entery by inject some php codes like this

$cfg['Servers'][$i]['only_db'] = ''; phpinfo(); //mysql';

$cfg['Servers'][$i]['only_db'] = '; phpinfo(); //';

but when i click update the result become >>

$cfg['Servers'][$i]['only_db'] = '\'; phpinfo(); //\mysql';
$cfg['Servers'][$i]['only_db'] = '; phpinfo(); //\';
i have tried many tricks to avoid that but it finally failed...
i don't know how to avoid ( \ ) back slash
or how to escape from ( ' ) single qutation mark withou affect on code ability
hope to understand me guys
thanks a lot.........


See More: how to escabe from ( )

Report •

#1
March 10, 2011 at 18:32:52

Report •
Related Solutions


Ask Question