NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Full-Disclosure> 2007-05

[Full-disclosure] Unicode Left/Right Pointing Double Angel Quotation Mark bypass?

From: 3APA3A (3APA3ASECURITY.NNOV.RU)
Date: Tue May 22 2007 - 07:58:03 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear full-disclosurelists.grok.org.uk,

  By the way: I saw Unicode Left Pointing Double Angel Quotation Mark
  (%u00AB) / Unicode Right Pointing Double Angel Quotation Mark (%u00BB)
  are sometimes translated to '<' and '>'. Does somebody experimented
  with

%u00ABscript%u00BB

in different environments to bypass filtering in this way?

--
http://securityvulns.com/
         /\_/\
        { , . } |\
+--oQQo->{ ^ }<-----+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
                    |/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]