Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...

Page 1 of 130

Nazim's I I S
Security Blog
All things secur ity ...

Home RSS Atom Comments RSS

Filtering SQL injection from Classic ASP

{ v [

L

{ L
{ v [
/ { {

L ! { t b9 {
! { t b9
b { L
{v [

t

{ v [

L
!



{ v [ ! t L
L
L L


L
{
L
a

{ v [ / b/

Sign In | Join | Help

Search
Go

Tags
ASP(x)Dynamic IP
RestrictionFTPH T T P IIS5X

I I S6 I I S7 RequestFiltering

injectionUrlScanWebDAVWindow s

Se curit y

Navigation
Home
Get Started
Learn
Downloads
Blogs
Forums

Archives
November 2011 (1)
August 2011 (1)
June 2011 (1)
April 2011 (1)
February 2011 (1)
September 2010 (4)
August 2010 (1)
June 2010 (1)
March 2010 (1)
January 2010 (1)
December 2009 (3)

{/ L

October 2009 (2)

September 2009 (3)
June 2009 (2)
May 2009 (1)

/ ! { t

. [ 9t 5

April 2009 (1)

March 2009 (1)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 2 of 130

3 # )

! . ,

October 2008 (2)

August 2008 (1)
June 2008 (4)
May 2008 (1)
April 2008 (2)

31,
$ " , %0

" 31,
31,

31, #
! $/ ! 30

%0 %0

4
!

&# 3&31,
/ % 2 .
$
)

4
# 3&31,
% &
% ) 3# 4
# 3&31,
% &
% )
, #

& % " ,
) ) 3 4
# 3&31,
% &
% )
.
# 3&31,
% &

& % 2 &
) # 3&31, 2 &
4
2
2 2 %0
% )
.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 3 of 130

& %
)
2
2 2 %0

% )
.

& % 2 #
) # 3&31, 2 #
4
2
2 2 %0
% )
.

a

a

4 0

! . ,

3 # )

2 7 7 4 0
2 7

9t

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 4 of 130

L
L

%0
! . ,
4

2 7 %22/ 2 ) )

{ 9
{ a t

3 %
! . ,
&3 %
/ % 2 .
)

4
3 %
% &
% ) 3# 4
3 %
% &
% )
3 # # / #$/ #
7 #&
) 3 5- 3 50
& 3- 40

) 3- 403
) 3- 40!
) 3 5
) 3 0
5
% 7
3 - # / #$/ -
7 -
&
3 # #
&
4
3 4 %
3
% 7
3 - .
3 # .
3 %
% &

&/ 2- 6%2" 0/ 34 - %4( / $ 0/ 34

4 31,
% ). 054 . ! - % % ). 054 "2
- ). 054 . ! - % - ). 054 "2
3 3 % 2 %
2 -
" 2
"544/ . 490% 35" - ) 43 "544/ .
&/ 2-

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 5 of 130

I L . { L W

Published Monday, April 28, 2008 7:53 PM by naziml

Tags: SQL injectionHTTPASP(x)

Comments
# re: Filtering SQL injection from Classic ASP
Tuesday, April 29, 2008 8:50 AM by qt11
great script !!
I'm having problems with the :
For Each s in Request.Form
If ( CheckStringForSQL(s) ) Then
if i do a response.write (s) its the name of the fields that are written out, not their values....
therefore its not actually looking at the correct bit...
??
# re: Filtering SQL injection from Classic ASP
Tuesday, April 29, 2008 9:41 AM by qt11
also, please check the code, there's a few errors in there...
"select, ""sys",
anyone know how to get the values for the form information rather than the attribute names ?
# re: Filtering SQL injection from Classic ASP
Wednesday, April 30, 2008 4:27 PM by naziml
you are right ... I am looking at form keys, instead of values ... I will update the script.
Thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, April 30, 2008 4:33 PM by naziml
Ok, I just fixed the form value lookup, and the quotes issue in the blacklist. Thanks for pointing it out.
# re: Filtering SQL injection from Classic ASP
Wednesday, April 30, 2008 9:54 PM by bills
welcome to blogosphere Nazim, it's great to have a security-focused blog for IIS!
# re: Filtering SQL injection from Classic ASP
Friday, May 02, 2008 1:13 PM by mendel
if we take each string and replace any single quotes with two single quotes, is there still a way to do sql injection?
# re: Filtering SQL injection from Classic ASP
Friday, May 02, 2008 7:17 PM by naziml
Disallowing single quotes does the trick for the most part. You have to watch out for encoding though. Also you
might end up disallowing valid scenarios. For example, what if you want to enter the name O'Connor?
# re: Filtering SQL injection from Classic ASP
Saturday, May 03, 2008 6:14 PM by alexhiggins732
I would also update the script to send an email to the webmster, so they can monitor for false positives, and
adjust the code accordingly where necessary
# re: Filtering SQL injection from Classic ASP
Monday, May 05, 2008 12:14 PM by naziml
I added a script sample to send email via a remote SMTP server. HTH.
# re: Filtering SQL injection from Classic ASP
Monday, May 05, 2008 1:09 PM by mendel
O'Connor gets replaced with O''Connor, which SQL server correctly interprets as O'Connor.
could you give us examples of how encoding could get by this check (isn't any url encoding decoded by IIS so I
get the decoded value in my code?)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 6 of 130

# re: Filtering SQL injection from Classic ASP

Monday, May 05, 2008 8:10 PM by naziml
<quote> isn't any url encoding decoded by IIS so I get the decoded value in my code </quote>
Not for querystring. The problem is that there is no *standard* encoding mechanism for querystrings. Apps use a
variety of things. For example your application may HTML escape the querystring, so you could bypass the check
using &#022;.
Also for the O'Connor example, the input form would need to replace the ' with '', correct? And SQL will escape it
correctly then?
# re: Filtering SQL injection from Classic ASP
Tuesday, May 13, 2008 3:50 AM by Ejhay
How do I validate this sample query stirng?
place_details.asp?content=;
because before the blacklisted symbol is the equal = sign, it doesn't redirect me on the error site.
Please help
# re: Filtering SQL injection from Classic ASP
Tuesday, May 13, 2008 9:14 AM by Ray
You need to update the querystring For Loop to check the string value not the id.
For Each s in Request.QueryString
'Response.Write(s & " = " & Request.QueryString(s) & VbCrLf)
If (CheckStringForSQL(Request.QueryString(s)) ) Then
' Redirect to error page
Response.Redirect(ErrorPage)
End If
Next
# re: Filtering SQL injection from Classic ASP
Sunday, May 18, 2008 9:34 AM by CodeWhisperer
I notice that there are some issues here... or at least I think so based on the intent of this code.
The CheckStringForSQL for querystrings line should be:
If ( CheckStringForSQL(request.querystring(s)) ) Then
and the one for cookies should be:
If ( CheckStringForSQL(request.cookies(s)) ) Then
Otherwise you're checking only the names and not the actual values.
Also, you may want to note that if you want to send an email warning that shows the values being passed/used,
that should go in the sqlcheck.asp script and not the errorpage.asp script.
NOT criticism, just trying to be helpful and save someone else some time in the future. :-)
# re: Filtering SQL injection from Classic ASP
Sunday, May 18, 2008 11:38 PM by G:-)
Please check last 2 comments and change code!!!
The following test string default.asp?page=test'%20;%20insert%20INTO%20_atest%20(_name)%20VALUES
('hello1')-- is not detected by existing code without the changes mentioned.
# re: Filtering SQL injection from Classic ASP
Monday, May 19, 2008 1:25 AM by naziml
Sorry ... I somehow edited only the first one and missed the next two.
# re: Filtering SQL injection from Classic ASP
Tuesday, May 20, 2008 4:56 AM by zeWEBHOST
Can you explain how if the string is empty it returns "true" while CheckStringForSQL= false?:
' If the string is empty, return true
If ( IsEmpty(str) ) Then
CheckStringForSQL = false
Exit Function
# re: Filtering SQL injection from Classic ASP
Tuesday, May 20, 2008 4:04 PM by Anonymous
Instead of parsing the string using Request.QuerString, get the whole query string usin g
Request.Servervariables("QUERY_STRING") because the a request in the following format will not be parsed:

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 7 of 130

<form method="post" action="post.asp?PageID=123;Declare @a;Set @=123;Exec(@);">

</form>
=================
Recommended change
=================
For each s in Request.ServerVariables("QUERY_STRING")
If ( CheckStringForSQL(s) ) Then
' Redirect to error page
Response.Redirect(ErrorPage)
End If
Next
# re: Filtering SQL injection from Classic ASP
Thursday, May 22, 2008 12:26 AM by naziml
zeWEBHOST: An empty string can't contain anything on the SQL injection blacklist, hence we return false for
empty strings.
Anonymous: I have not tested querystrings with form actions. I would assume that this would trigger a new
request where Request.QueryString is appropriately populated. Let me test this out, and if this is not the case, I
will update the script. Thanks.
# re: Filtering SQL injection from Classic ASP
Thursday, May 22, 2008 4:51 AM by Marina
Why, if I use your code in the test page it works, but does not work in a real asp page giving me this error?
Microsoft VBScript compilation error '800a0411'
Name redefined
# re: Filtering SQL injection from Classic ASP
Thursday, May 22, 2008 4:57 AM by marina
sorry, now it works...
# re: Filtering SQL injection from Classic ASP
Thursday, May 22, 2008 9:25 AM by marina
I'm having a problem using your filter. If for example the name of the user in the input field is Castagna, the user
cannot register him self because his name contain the blacklisted word CAST. Obviously this will happen with all
names or words containing balcklisted terms. This fact do make impossible to use your nice script. Is it possible
to find a way that rejects only isolated word and not the blacklisted word contained in more complex words.
Thanx. Marina
# re: Filtering SQL injection from Classic ASP
Friday, May 23, 2008 3:21 AM by anti
how about adding the names of tables in the database to the blacklist? would that be enough to prevent any
changes to the tables in use?
or am I just missing something here? not the most experienced on this field, just had a site mangled recently.
# re: Filtering SQL injection from Classic ASP
Saturday, May 24, 2008 10:53 AM by Anthony
I used this script on a couple of my sites and it works just fine. However, on an older ASP site it gives the
following error:
--------Microsoft VBScript runtime error '800a01f4'
Variable is undefined: 'ss'
/tlt/sqlvalidation.asp, line 82
------Any idea what could be causing this?
# re: Filtering SQL injection from Classic ASP
Saturday, May 24, 2008 3:29 PM by Anthony
Sorry, that 'ss' should be an 's'
# re: Filtering SQL injection from Classic ASP
Tuesday, May 27, 2008 1:47 PM by Ali Hasan
Please check you might be using Option Explicit
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 8 of 130

Wednesday, May 28, 2008 3:57 AM by eqw@

ads
# re: Filtering SQL injection from Classic ASP
Wednesday, May 28, 2008 8:43 AM by zeWEBHOST
What about if the input is an Email address? the two strings "@" and "@@" will return to the error page. How to
prevent this without moving them?
# re: Filtering SQL injection from Classic ASP
Thursday, May 29, 2008 4:16 PM by NazimL
The list of strings I have put up is only a sample. I am aware that you will get false positives with it. If you look at
the comments in the scripts it will give you some suggestions around this. Do note that this is a quick fix to get
you up and running. What you really want to do is use a combination of whitelist/blacklist along with
parameterized SQL.
Currently I am just using InStr to see if I find a string. You could modify that logic to check for a whitespace
around it to avoid some false positives due to substrings. You need to use some caution though, because you
might just introduce a way to get past your filter with this (which is why I did not do it for the sample).
# re: Filtering SQL injection from Classic ASP
Friday, May 30, 2008 12:24 PM by Mendel
Suggestion to microsoft for blocking sql injection attacks:
one of the significant differences between sql and msacces (jet) is that sql allows multiple commands in a single
sql statement.
while that ability is very good, it's rarely if ever needed in a website.
I would like to suggest that microsoft release a patch to sql server that would add a specific permission on a user
to allow or deny the ability to run multi-command statments.
if that option was there, I think that 99% of websites could be protected just by blocking that ability.
# re: Filtering SQL injection from Classic ASP
Saturday, May 31, 2008 1:43 AM by Ken Schaefer
Why don't you recommend the use of parametized queries (e.g. using ADO command objects) instead? Surely
that would obviate the need for this type of code?
# Microsoft Best Practices for preventing SQL Injection Attacks
Saturday, May 31, 2008 8:58 AM by Harry Waldron - Microsoft MVP Blog
Microsoft has recently published a series of best practices to help developers build SQL code that is
# SQL injection information from Harry's blog
Saturday, May 31, 2008 11:31 AM by THE OFFICIAL BLOG OF THE SBS "DIVA"
While the default apps on a SBS 2003 (and upcoming SBS 2008) go through a SDL process so that I&#39;m
# SQL injection information from Harry's blog
Saturday, May 31, 2008 12:17 PM by MVPs
While the default apps on a SBS 2003 (and upcoming SBS 2008) go through a SDL process so that I&#39;m
# Microsoft Best Practices for preventing SQL Injection Attacks
Saturday, May 31, 2008 11:42 PM by Harry Waldron - My IT Forums Blog
Microsoft has recently published a series of best practices to help developers build SQL code that is
# SQL Injection and how to avoid it
Sunday, June 01, 2008 12:59 AM by ASP.NET Debugging
It isn't as big of a deal at the moment, but it is always good to make sure everyone is aware of this
# SQL Injections
Monday, June 02, 2008 9:04 AM by Robert Folkesson
Den senaste tiden har en mngd sajter blivit infekterade av en SQL Injection-attack som anvnder SQL
# re: Filtering SQL injection from Classic ASP
Monday, June 02, 2008 9:48 AM by Will Qunit
Thank you Nazimil :)
Your efforts on this helpful script are greatly appreciated and your blog a great learning experience!
Cheers
# re: Filtering SQL injection from Classic ASP
Monday, June 02, 2008 3:59 PM by NazimL

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official Micr...Page 9 of 130

Once again ... I definitely recommend using parameterized SQL ... see the first comment block in the ASP script.
I even have a link in there on how to use this with ADO in classic ASP. I specifically put this into the script as
coments because a lot of folks will just cut and paste the sample, without bothering to read the post.
# re: Filtering SQL injection from Classic ASP
Wednesday, June 04, 2008 3:04 AM by Quotes missing
There is an important aspect of SQL injection missing:
Your routine does not check for quotes. A single quote (') is the basic principle of SQL injection - it allows to
'escape' from the originally intended SQL statement. Thus, you need to add the quote charater (') and other
possible 'escapes' to your blacklist.
# re: Filtering SQL injection from Classic ASP
Wednesday, June 04, 2008 11:45 AM by Michael
This is VERY helpful. Thank you for this. It is the fastest way to at least prevent someone from deleting all the
data in your database. Yes you should use better measures but if you want to do something RIGHT NOW while
you are recoding to use sql parameters this is better than nothing.
# SQL

Wednesday, June 04, 2008 11:09 PM by Applelure

NeilCarpenter

...

#re: Filtering SQL injection from Classic ASP

Thursday, June 05, 2008 1:11 PM by Anonymous
thanks man! I've been attacked with some SQL Injection a few days ago so i'll apply this script on my website
ASAP.
# re: Filtering SQL injection from Classic ASP
Thursday, June 05, 2008 7:45 PM by naziml
Checking for single quote (') will lead to too many false positives, and hence not included. In most cases, this will
need to be used in conjuction with (--) to comment out the rest of the query, and since I have that on the list, it
should suffice.
# re: Filtering SQL injection from Classic ASP
Tuesday, June 10, 2008 9:21 AM by Anonymous
My company just bought an asp-component called SecureRequest (http://www.securerequest.net) that works in a
simular fasion as in this article. But with this component you can also replace values and block regularexpression patterns!
I might also recomend the SQL-injection vulnerabilities analyzer that they have on their website:
http://www.securerequest.net/analyze.aspx - helped me a lot!
//Rufus
# Inyeccin SQL... esta bajo ataque?
Monday, June 16, 2008 4:55 AM by Todo es posible, nada es seguro
Hay muchos sitios y blogs que hablan sobre el tema de inyeccin SQL. Puede encontrar toda la informacin
# re: Filtering SQL injection from Classic ASP
Saturday, June 21, 2008 2:26 PM by Anonymous
Hi!
Do you have Jscript version at hand?
Regards,
TomazL
# re: Filtering SQL injection from Classic ASP
Sunday, June 22, 2008 1:12 PM by Anonymous
Hi,
Was thinking it would be nice to block the ip address of the attacker from visiting the site in IIS. I know how to do
this manually, would it be possible to do this programmatically each time a positive attack is detected?
Thanks,
Martin
# re: Filtering SQL injection from Classic ASP
Monday, June 23, 2008 4:57 AM by Anonymous
Hi!

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 10 of 130

I have converted VB to JS if anyone would need it. Please, take care, because it is not 100% tested! But it works
fine for us:
<%
var BlackList;
BlackList = new Array("--", "/*", "*/", "@@",
"alter ", "begin ", "cast ", "create ", "cursor ",
"declare ", "delete ", "drop ", "exec ",
"execute ", "fetch ", "insert ", "open ",
"select ", "sysobjects", "syscolumns",
"table ", "update ", "<scrip", "</scrip");
ErrorPage = "/ErrorPage.asp";
function CheckStringForSQL(str)
{
//If the string is empty, return true
if(str == undefined)
{
return(false);
}
//check if length is 0
if (str.length == 0)
{
return(false);
}
//Check if the string contains any patterns in our
//black list
var i;
for (i = 0; i < BlackList.length; i++)
{
if (str.toLowerCase().indexOf(BlackList[i]) != -1)
{
return(true);
}
}
return(false);
}
for(e = new Enumerator(Request.Form); !e.atEnd(); e.moveNext())
{
// Response.Write(Request.Form(e.item())+"");
if(CheckStringForSQL(Request.Form(e.item())+""))
{
// Redirect to an error page;
Response.Redirect(ErrorPage);
}
}
for(e = new Enumerator(Request.QueryString); !e.atEnd(); e.moveNext())
{
// Response.Write(Request.QueryString(e.item())+"");
if(CheckStringForSQL(Request.QueryString(e.item())+""))
{
// Redirect to an error page;
Response.Redirect(ErrorPage);
}
}
for(e = new Enumerator(Request.Cookies); !e.atEnd(); e.moveNext())
{
// Response.Write(Request.Cookies(e.item())+"");

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 11 of 130

if(CheckStringForSQL(Request.Form(e.item())+""))
{
// Redirect to an error page;
Response.Redirect(ErrorPage);
}
}
%>
# UrlScan v3.0 Beta Release
Tuesday, June 24, 2008 3:50 PM by Wade Hilmo
The IIS team has some street smarts when it comes to security. We learned quite a few lessons the hard
# Microsoft Security Advisory Alert: SQL Injection Attacks
Wednesday, June 25, 2008 3:17 AM by Jeff Alexander's Weblog
Microsoft is aware of a recent escalation in a class of attacks targeting Web sites that use Microsoft
# short movie downloads &raquo; Blog Archive
Wednesday, June 25, 2008 4:34 AM by short movie downloads Blog Archive
Pingback from short movie downloads &raquo; Blog Archive
# Security Advisory 954462: nuovi tool per identificare le vulnerabilit che espongono ad attacchi SQL
injection
Wednesday, June 25, 2008 4:50 AM by Security Blog di Feliciano Intini
Due mesi fa vi avevo parlato di nuove ondate di attacchi di tipo SQL Injection , poi un mese fa ho ritenuto
# Microsoft Security Advisory Rise in SQL Injection Attacks
Wednesday, June 25, 2008 10:03 AM by Nathan Mercer's blog
What is the purpose of this alert? This alert is to notify you that Microsoft has released Security Advisory
# New Security Tools for IIS and SQL
Wednesday, June 25, 2008 5:46 PM by Jeff Jones Security Blog
In cast you didn't see it, the Microsoft Security Response Center (MSRC) team just announced the release
# re: Filtering SQL injection from Classic ASP
Wednesday, June 25, 2008 6:32 PM by Anonymous
# re: Filtering SQL injection from Classic ASP
Friday, June 27, 2008 4:33 AM by Anonymous
Mendel asks if there is a way to do SQL injection if all single quotes are escaped and anti suggests filtering out
table names.
One of the current attacks uses T-SQL encoded in hexadecimal to obscure all single quotes and most of the SQL
key words (including all table names). E.g.,
product_id=37;DECLARE%20@S%20VARCHAR(4000);SET%20@S=CAST(some nasty hex encoded T-SQL
here%20AS%20VARCHAR(4000));EXEC(@S);-This worked on pages that expected stuff like product_id=37 in the querystring and build a query without putting
single quotes around product_id. Something like:
"SELECT * FROM products WHERE product_id = " & Replace(product_id, "'", "''")
Escaping the quotes and filtering for table names makes no difference, but (and maybe I'm wrong) rewriting the
query with single quotes around the product_id would stop the attack:
"SELECT * FROM products WHERE product_id = '" & Replace(product_id, "'", "''") & "'"
Surely
SELECT * FROM products WHERE product_id = '37;DECLARE%20@S%20VARCHAR(4000);SET%
20@S=CAST(some nasty hex encoded T-SQL here%20AS%20VARCHAR(4000));EXEC(@S);--'
isn't going to execute the way the attacker intends. Everything between the single quotes is going to be treated
as a string instead of executing, yes?
Maybe the question should be: "Is there a known way to do SQL injection if all single quotes are escaped and all
input values are surrounded by single quotes." If the answer is no, then why bother with filtering, parameterized
queries, etc.? I have seen articles which claim to give examples, but if you actually take the time to substitute the
example SQL into the dynamic query it becomes clear nothing bad would happen. So, someone please show me
a working example before I go recoding everything with parameterized (ugh) queries.
# re: Filtering SQL injection from Classic ASP
Friday, June 27, 2008 4:45 AM by Anonymous
The only problem with the escaping approach is that the hacker can just start his injection with a ' to end your
qoutes. So for example
1 or 1=1'; Do some nastiness here in hex etc....;

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 12 of 130

At the end of the day there are many different ways to inject sql and you need to protect against them all.
# re: Filtering SQL injection from Classic ASP
Friday, June 27, 2008 6:18 AM by Anonymous
Try what you suggested or write it out. It won't do anything. Any ' will get escaped and interpreted as a literal.
SQL will search the DB for a weird string and return no match.
Again, show me a working example.
# re: Filtering SQL injection from Classic ASP
Friday, June 27, 2008 6:22 AM by Anonymous
I have no objection to filtering or other technique--even if there is no way to do SQL injection when everything is
escaped and between single quotes, doesn't mean some coder won't slip up.
# re: Filtering SQL injection from Classic ASP
Monday, June 30, 2008 9:42 AM by Anonymous
Hi I am Anshuk. My web site has been attacked in a similar way.
ID=308;DECLARE%20@S%20VARCHAR(4000);SET%20@S=CAST
(0x4445434C415245204054205641524348415228323535292C404320564152434841522832353529204445434C415245205461626C655F437572736F7220
20AS%20VARCHAR(4000));EXEC(@S);-I have used the following code to fix it.
when ever i use a value from querystring like request("productID") i encase it in
dbsafe2(request("productID"),"Numeric")
or if it is a string then
dbsafe2(request("productName"),"string")
function dbsafe2(data,dtype)
if (instr(data,"update")) or (instr(data,"delete")) or (instr(data,"select")) or (instr(data,"group by")) or (instr
(data,"having")) or (instr(data,"<script")) or (instr(data,"CAST")) then
Set myMail=CreateObject("CDO.Message")
myMail.Subject="DBSAFE2 Someone is trying to *** us, But he couldnt...he he"
myMail.From="[email protected]"
myMail.To="[email protected]"
myMail.HTMLBody = "<b>Someone is trying to *** our database. <BR><BR>Hacker's Details: <BR><BR>IP
Address:</b> <a href=whois.domaintools.com/"&Request.ServerVariables("REMOTE_ADDR")
&">"&Request.ServerVariables("REMOTE_ADDR")&"</a><BR><B>Target Page:</b> http://tulleeho.com"&
Request.ServerVariables("SCRIPT_NAME") &"<BR><b>Browser/OS Info:</b> "& Request.ServerVariables
("HTTP_USER_AGENT") &"<BR><b>Logon User:</b> "& request.ServerVariables("LOGON_USER")
&"<BR><b>Request Method: </b>"& request.ServerVariables("REQUEST_METHOD") &"<BR><B>Post
Data:</b> "& data &"<BR><B>Querystring:</b> "&request.ServerVariables("QUERY_STRING")
&"<BR><B>Cookies:</b> "&request.ServerVariables("HTTP_COOKIE") &"<BR><a
href=""www.tulleeho.com/testdbsafe.asp("QUERY_STRING") &""">Test DBSAFE</a><BR><b>Server
Date/Time: </b>" & now()
myMail.Send
set myMail=nothing
end if
if lcase(dtype) = "numeric" then
if Not IsNumeric(data) then data=0
else
data = replace(data,"'","''")
End if
dbsafe2 = data
end function
contact: anshukk @ gmail . com
# re: Filtering SQL injection from Classic ASP
Tuesday, July 01, 2008 3:50 PM by Anonymous
Nazm abi sql injecition ile bam dertte ltfen sitemde kullanabileceim anti-sql injection kodlarn
[email protected] adresine yollarmsnz?
# re: Filtering SQL injection from Classic ASP
Thursday, July 03, 2008 9:05 AM by Anonymous
# re: Filtering SQL injection from Classic ASP
Saturday, July 05, 2008 7:29 PM by Anonymous
naziml, may 22, in an answer to anonymous, you say

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 13 of 130

"Anonymous: I have not tested querystrings with form actions. I would assume that this would trigger a new
request where Request.QueryString is appropriately populated. Let me test this out, and if this is not the case, I
will update the script. Thanks."
Have you checked into this <important> difference?
What is the result...?
# re: Filtering SQL injection from Classic ASP
Monday, July 07, 2008 3:27 PM by Anonymous
Anonymous' June 30, 2008 post is nice because it combines the blacklist with a datatype check. You might also
consider a value length check. Limiting the number of characters can really make it tougher on the attacker. What
can they really do with say 20 characters to play with?
Something like...
function dbsafe2(data, dtype, maxlength)
# re: Filtering SQL injection from Classic ASP
Tuesday, July 08, 2008 12:23 AM by Anonymous
Kick-ass resource: ha.ckers.org/sqlinjection
# re: Filtering SQL injection from Classic ASP
Tuesday, July 08, 2008 12:48 AM by Anonymous
So here's what I came up with after a bit of tinkering. I stuck this in my data access layer's base class, which is
inherited by all my data access objects. I mostly use it for my complicated searches, for which I still can't seem to
get away from dynamic SQL.
The blacklist might be a bit too extensive to real use. Edit as you need.
/// <summary>Validate and filter each value supplied by the user for use in the whereClause.</summary>
/// <param name="userValue">The value to validate</param>
/// <param name="maxLength">The most characters permitted</param>
/// <returns>The value after validation and filtering</returns>
/// <remarks>This method is provided to help guard against SQL injection attacks. It escapes single quotes with
two single quotes and removes the comment markings.</remarks>
protected static String CleanValue(String userValue, Int32 maxLength)
{
// Throw an exception if a blacklisted word is detected.
String[] blackList = {
"alter",
"begin",
"cast",
"create",
"cursor",
"declare",
"delete",
"drop",
"exec",
"execute",
"fetch",
"insert",
"kill",
"open",
"select",
"sys",
"sysobjects",
"syscolumns",
"table",
"update",
"<script",
"</script"
};
for (int i = 0; i < blackList.Length; i++)
if (userValue.ToLower().Contains(blackList[i]))
throw new ArgumentException();

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 14 of 130

// Throw an exception if too many characters detected.

if (userValue.Length >= maxLength)
throw new ArgumentOutOfRangeException();
// Replace single quotes with two single quotes and remove any comment markings.
String result = userValue.Replace("'", "");
result = result.Replace("--", "");
result = result.Replace("/*", "");
result = result.Replace("*/", "");
result = result.Replace("@@", "");
result = result.Replace("@", "");
return result;
}
Regards, BPM
# re: Filtering SQL injection from Classic ASP
Tuesday, July 08, 2008 7:32 AM by Anonymous
Hi there, I have just had an attack too. Lots of script and js messages in my tables.
If i add the SqlCheckInclude.asp include to every page will this prevent further attacks do you think?
I have uploaded it and the testpage.asp to my server and when I point the browser directly at the testpag.asp and
it gives this message
Welcome to the Test Page.If you are seeing this page then SQL validation succeeded.
So I presume the code has worked?
But then how do I actually know it has worked? Is there some kind of code I can run to test to see if it works?
# re: Filtering SQL injection from Classic ASP
Wednesday, July 09, 2008 3:08 PM by Anonymous
Hi
What dos "end" i the blacklist do to SQL
When i run the script with blacklist and all i'v get the errorpage, when i remove "end", from the blacklist it's works
OK.
Can anyone explane that to me, Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, July 10, 2008 7:12 PM by naziml
if something like 'end' is blocking you, it might inadvertently be part of your request. I hit this in my ASP.net
session cookie :)
# re: Filtering SQL injection from Classic ASP
Friday, July 11, 2008 5:40 AM by Anonymous
Thanks Rufus!
--My company just bought an asp-component called SecureRequest (http://www.securerequest.net) that works in
a simular fasion as in this article. But with this component you can also replace values and block regularexpression patterns!
I might also recomend the SQL-injection vulnerabilities analyzer that they have on their website:
http://www.securerequest.net/analyze.aspx - helped me a lot!
//Rufus-I've downloaded and installed it! Works perfectely! Minor issues but their support was great!
Rolf
# re: Filtering SQL injection from Classic ASP
Friday, July 11, 2008 9:29 PM by Anonymous
wVFBYI <a href="twlmdgyjvdjj.com/.../a>, [url=http://dbpnpnqjoefn.com/]dbpnpnqjoefn[/url],
[link=http://aqbmjmqswypj.com/]aqbmjmqswypj[/link], http://rilvammdrode.com/
# re: Filtering SQL injection from Classic ASP
Saturday, July 12, 2008 6:08 AM by Anonymous
hai i got below error hw to solve it ... i am not a asp programmer ... so pls give ur suggestion to solve it....
Error Type:
Microsoft VBScript runtime (0x800A01F4)
Variable is undefined: 's'
admin/SqlCheckInclude.asp, line 86

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 15 of 130

# New Security Tools for IIS and SQL | IT &amp; Network Security Blog
Saturday, July 12, 2008 1:41 PM by New Security Tools for IIS and SQL | IT & Network Security Blog
Pingback from New Security Tools for IIS and SQL | IT &amp; Network Security Blog
# re: Filtering SQL injection from Classic ASP
Sunday, July 13, 2008 3:39 AM by Anonymous
Naz, thanks for this article, it was a great help as a starting point to get some ideas....well written and good
comments (for the most part) as well.
# New Security Tools for IIS and SQL | IT &amp; Network Security Blog
Sunday, July 13, 2008 4:52 AM by New Security Tools for IIS and SQL | IT & Network Security Blog
Pingback from New Security Tools for IIS and SQL | IT &amp; Network Security Blog
# re: Filtering SQL injection from Classic ASP
Tuesday, July 15, 2008 9:18 PM by Anonymous
Nazim,
just a quick note to say thanks for this. We have had it in operation for over a month and it is working to protect
our site, whilst we get the developers to implement a more appropriate way of dealing with sql. Our only mod was
to tweak the blacklist a little.
To give people an idea in the last 2 weeks we have received 2400 sql injection attempts, all fialed, and only have
one very wierd error (but it is a Mac ;-)) when no string at all is attached to the URL, will post if I ever solve it.
One small note to those getting the "variable undefined: 's'" problem just add s to the Dim statement at the top of
the code e.g;
Dim BlackList, ErrorPage, s
Thanks again, we are very grateful.
G:-)
# SQL Injection attacks on the rise - myhosting.com Blog
Friday, July 18, 2008 2:29 PM by SQL Injection attacks on the rise - myhosting.com Blog
Pingback from SQL Injection attacks on the rise - myhosting.com Blog
# re: Filtering SQL injection from Classic ASP
Monday, July 21, 2008 10:35 AM by Anonymous
# re: Filtering SQL injection from Classic ASP
Thursday, July 31, 2008 6:33 PM by Anonymous
Thanks a lot this is the best validation code I saw.
# re: Filtering SQL injection from Classic ASP
Monday, August 11, 2008 3:24 AM by Anonymous
Nazim, thanks very much for the code. I do have a question thought. I find that email addresses from
"comcast.net" are also seen ans possible SQL injection, as the word "cast" is in the address.
Is there a way to have "comacast" set as an exception within the code?
Thanks
Hans
# VKKK.NET &raquo; Blog Archive &raquo; Prevent SQL Injection in Legacy ASP Applications
Sunday, August 17, 2008 11:41 PM by VKKK.NET Blog Archive Prevent SQL Injection in Legacy ASP
Applications
Pingback from VKKK.NET &raquo; Blog Archive &raquo; Prevent SQL Injection in Legacy ASP Applications
# re: Filtering SQL injection from Classic ASP
Saturday, August 30, 2008 1:18 PM by Anonymous
thank you very cool working very nice se http://www.sohbetozel.org
# re: Filtering SQL injection from Classic ASP
Tuesday, September 02, 2008 2:53 AM by bholyfield
URLScan is a great defense mechanism for web server attacks, but I have found that it is not flexible enough to
defend against web application-level attacks like SQL Injection. The group I work with just released a free
module for IIS (called SPF) that provides a flexible mechanism for blocking malicious requests. SPF can be
downloaded from our website: www.gdssecurity.com/.../t.php
It provides coverage options for Query Strings, POST data and Cookies (where as URL Scan is limited to just
Query Strings). It also supports use of regular expressions to define malicious input sequences, allowing more
complex patterns to reduce the likelihood of false positives. You can find out more about it from the following
Blog post: www.gdssecurity.com/.../iis-secure-parameter-filter-spf-released

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 16 of 130

# Latest SQL Injection of <script> components

Thursday, September 04, 2008 12:24 AM by The Philosophy
I just received two back to back cases on the SQL Injection attacks today. I found that attackers have
# re: Filtering SQL injection from Classic ASP
Sunday, September 07, 2008 4:39 AM by Anonymous
thanks you http://www.turksevdasi.com http://www.chatarkadas.net
# re: Filtering SQL injection from Classic ASP
Sunday, September 07, 2008 4:40 AM by Anonymous
very goodd http://www.sohbet.org
# re: Filtering SQL injection from Classic ASP
Monday, September 08, 2008 6:23 AM by Anonymous
http://www.gencsohbetci.net/
# re: Filtering SQL injection from Classic ASP
Monday, September 08, 2008 6:23 AM by Anonymous
http://www.gencsohbetci.net thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, September 09, 2008 10:02 PM by Anonymous
http://www.dosttr.net good thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, September 10, 2008 12:48 AM by Anonymous
we'd better filter sql injection from data provider generally as http://www.ohr.cn or http://www.sisigi.com
please refer to their help document
# re: Filtering SQL injection from Classic ASP
Saturday, September 13, 2008 7:04 AM by Anonymous
http://www.akenna.net
# re: Filtering SQL injection from Classic ASP
Saturday, September 13, 2008 7:05 AM by Anonymous
thank you very cool working very nice se http://www.akenna.net
# re: Filtering SQL injection from Classic ASP
Saturday, September 13, 2008 7:06 AM by Anonymous
thank you very cool working very nice se http://www.akenna.net
# re: Filtering SQL injection from Classic ASP
Wednesday, September 17, 2008 3:02 PM by Anonymous
# re: Filtering SQL injection from Classic ASP
Wednesday, September 17, 2008 3:02 PM by Anonymous
Thank you very much http://www.sohbet15.com
# re: Filtering SQL injection from Classic ASP
Thursday, September 18, 2008 4:34 AM by Anonymous
# re: Filtering SQL injection from Classic ASP
Thursday, September 18, 2008 1:34 PM by Anonymous
thanks if something like 'end' is blocking you, it might inadvertently be part of your request. I hit this in my
ASP.net session cookie :)
http://www.sohbetozel.org
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 9:33 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 9:33 AM by mirc

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 17 of 130

thanks.
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 9:34 AM by mirc
thank you site admini.
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 9:56 AM by chat
thx.
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 10:01 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 12:47 PM by sohbet
thanks. veryi maucks...
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 12:48 PM by sohbet
thanks. <a href="www.sevgisohbet.com/" title="sohbet, chat">sohbet</a> www.sevgisohbet.com
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 1:39 PM by sohbet odas
thanks you..
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 4:30 PM by emlak
thank you sites admin
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 5:54 PM by mirc
thanks karantina
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 5:54 PM by mirc
thanks
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 6:20 PM by arkadas
THANKS
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 11:17 PM by Sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 11:18 PM by Sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, September 19, 2008 11:20 PM by Sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 3:33 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 3:34 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 5:26 AM by mirc

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 18 of 130

thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 5:26 AM by mrc
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 2:06 PM by muhabbet
Thank you very much
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 2:07 PM by muhabbet
Thank you very much
# re: Filtering SQL injection from Classic ASP
Saturday, September 20, 2008 11:26 PM by Sohbet
thank you very much
# re: Filtering SQL injection from Classic ASP
Sunday, September 21, 2008 6:17 AM by sohbet
Thank you very much
# re: Filtering SQL injection from Classic ASP
Sunday, September 21, 2008 8:28 AM by SOHBET
thanks you...
<a href="http://www.gonulleringulu.com" title="islami sohbet, sohbet , sohbet chat, dini sohbet"
target="_blank">SOHBET</a>
<a href="http://www.sipsevdim.com" title="sohbet, cet sohbet , liseli kizlar, sohbet siteleri "
target="_blank">MUHABBET</a>
# re: Filtering SQL injection from Classic ASP
Sunday, September 21, 2008 9:00 AM by manavgat
thanks for the post!
# re: Filtering SQL injection from Classic ASP
Sunday, September 21, 2008 1:01 PM by chat
thanks for the post...admin.
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 3:13 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 3:15 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 3:16 AM by sohbet
http://www.coktatli.net thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 5:26 AM by sohbetodas
http://www.canlarselichat.com
thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 7:41 AM by video
thanks
http://video.sohbetozel.org
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 7:49 AM by sohbet
thank you

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 19 of 130

# re: Filtering SQL injection from Classic ASP

Monday, September 22, 2008 8:32 AM by sohbet
:S gglaguuuuu
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 2:17 PM by sohbet
Thank you site admin..
# re: Filtering SQL injection from Classic ASP
Monday, September 22, 2008 2:18 PM by sohbet
Thank you site admin..
# re: Filtering SQL injection from Classic ASP
Tuesday, September 23, 2008 3:49 PM by arkadas
thnaks admin
# re: Filtering SQL injection from Classic ASP
Tuesday, September 23, 2008 4:34 PM by sohbet
thanks very nice admin
# re: Filtering SQL injection from Classic ASP
Tuesday, September 23, 2008 4:52 PM by SohbeT
thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, September 23, 2008 4:53 PM by SohbeT
thank admin
# re: Filtering SQL injection from Classic ASP
Tuesday, September 23, 2008 6:32 PM by chat
thank you site admin.
# re: Filtering SQL injection from Classic ASP
Wednesday, September 24, 2008 5:35 PM by rap
Thank you very much
# re: Filtering SQL injection from Classic ASP
Wednesday, September 24, 2008 5:36 PM by rap
Thank you very much
# re: Filtering SQL injection from Classic ASP
Thursday, September 25, 2008 10:48 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, September 25, 2008 10:50 AM by gzel szler
<A HREF="http://www.damarsozler.net" REL="nofollow" TITLE="sohbet">gzel szler</A>
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, September 25, 2008 2:16 PM by chat
thanks you admisn
# re: Filtering SQL injection from Classic ASP
Thursday, September 25, 2008 2:48 PM by sohbet
thank you a lot.
# re: Filtering SQL injection from Classic ASP
Thursday, September 25, 2008 8:48 PM by Sohbet
thank you
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 20 of 130

Thursday, September 25, 2008 8:51 PM by Gayrimenkul

thnk you
# re: Filtering SQL injection from Classic ASP
Thursday, September 25, 2008 8:56 PM by Spor
nice job
# New Security Tools for IIS and SQL | To The TOP
Friday, September 26, 2008 9:31 AM by New Security Tools for IIS and SQL | To The TOP
Pingback from New Security Tools for IIS and SQL | To The TOP
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 9:32 AM by netlog
thnkss
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 12:43 PM by Sohbet
Thanks you admin mucuk.
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 1:03 PM by Fora
tenksss
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 1:03 PM by toprak
Thanks you
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 2:11 PM by mirc
thanks you site
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 5:23 PM by mirc indir
thank you site admin...!
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 5:26 PM by mirc indir
thank you
# re: Filtering SQL injection from Classic ASP
Friday, September 26, 2008 10:50 PM by sohbet
good works, thanks everybody.
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 2:57 AM by akenna
good works, thanks everybody.
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 5:40 AM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 5:40 AM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 9:43 AM by islami sohbet
thAnk you..
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 9:45 AM by sohbet
thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 21 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, September 27, 2008 9:46 AM by et
thanks youu
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 10:53 AM by Lida
thanks 4 post
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 2:48 PM by Sohbet
thanks admin
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 4:38 PM by cam balkon
thankss admins
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 4:42 PM by cam balkon
thankss blogs.iis
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 4:42 PM by sohbet odalar
thankss dedikk
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 6:32 PM by Sohbet
Chat
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 6:34 PM by Sohbet
<h1><a href="http://www.sohbetederiz.com">sohbet</a></h1>
yhanks
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 8:00 PM by sohbet
thanks admin.
# re: Filtering SQL injection from Classic ASP
Saturday, September 27, 2008 9:01 PM by chat
thank you..
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 7:06 AM by Chat
Chat
thakns
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 7:41 AM by mirc
thanks you site
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 7:41 AM by mirc
thanks you site
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 10:55 AM by Lida
thanks 4 post
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 2:18 PM by sohbet
thankss..

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 22 of 130

# re: Filtering SQL injection from Classic ASP

Sunday, September 28, 2008 2:21 PM by sohbet chat
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 2:22 PM by sohbet chat
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 2:57 PM by mirc
Thabk youu
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 2:58 PM by mirc
thank you ulan
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 4:03 PM by Sohbet Chat
Thanks
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 4:05 PM by Film izle
Werry Good
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 6:42 PM by Sohbet
thanks a lot admin
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 7:03 PM by Sohbet
its good i will use it thanks a lot.
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 8:59 PM by hosting
hosting thank you very much
# re: Filtering SQL injection from Classic ASP
Sunday, September 28, 2008 8:59 PM by hosting
hosting thank you very much
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 2:24 AM by mirc
Thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 5:31 AM by mirc
thanks you
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 5:37 AM by iddaa
I just received two back to back cases on the SQL Injection attacks today. I found that attackers have
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 9:36 AM by Pernese Online
thank you
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 9:36 AM by Pernese Online
thankss
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 10:27 AM by lida

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 23 of 130

thanks a lot
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 11:15 AM by msn indir
good works ..
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 11:16 AM by msn indir
Good works..
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:01 PM by chat
thanks..
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:09 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:09 PM by chat
Thank you very much
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:36 PM by kanser tedavileri
thank you
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:37 PM by iir
thank you
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:39 PM by iir
verry good
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:40 PM by okey indir
verry good
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:40 PM by okey indir
verry good
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:48 PM by sohbet
thanks.. admin
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 3:50 PM by sohbet
thanks.. admin
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:02 PM by arkadas
thanks you wery much
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:04 PM by mirc
thanks very good.
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:04 PM by mirc
thank you wery much
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:05 PM by mirc

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 24 of 130

thanks you very good

# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:23 PM by damarsozler
thanks
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:25 PM by idealsohbet
thanks baby
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:27 PM by guzelsozlergen
thank you akm
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:28 PM by harikasohbet
thanks sohbet
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 6:30 PM by gzel szler
thanks akm
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 7:53 PM by sohbet
thank you kanka
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 7:55 PM by partner
saol be hafis
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 9:33 PM by chat
thanks you
# re: Filtering SQL injection from Classic ASP
Monday, September 29, 2008 9:34 PM by mirc
thank you wery much
# re: Filtering SQL injection from Classic ASP
Tuesday, September 30, 2008 4:53 AM by mine
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, September 30, 2008 6:14 AM by msn adresleri
good article for security. thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, September 30, 2008 7:40 AM by erotik shop
thanks very.
# re: Filtering SQL injection from Classic ASP
Tuesday, September 30, 2008 7:59 AM by sohbet
thanks you..
# re: Filtering SQL injection from Classic ASP
Tuesday, September 30, 2008 11:37 AM by sohbet
thamks a lot admin..
# re: Filtering SQL injection from Classic ASP
Tuesday, September 30, 2008 6:47 PM by chat
thanks site admin.
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 25 of 130

Tuesday, September 30, 2008 6:50 PM by chat

thanks site admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 3:22 AM by kadn
you are right ... I am looking at form keys, instead of values ... I will update the script.
Thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 6:17 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 6:31 AM by mirc
thanks and you wery much
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 6:33 AM by mirc
thanks ewy gzm :)
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 6:53 AM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 7:36 AM by Hasret
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 7:36 AM by Hasret
Hasret , Hasret Sohbet
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 10:17 AM by cet
thanks sizleri seviyorumm :)
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 10:18 AM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 12:31 PM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 12:32 PM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 3:54 PM by sohbet
thankkss
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 4:08 PM by sohbet
thanks.. admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 8:27 PM by sohbet
thanksss
# re: Filtering SQL injection from Classic ASP
Wednesday, October 01, 2008 8:31 PM by muhabbet
thank you wery much

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 26 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, October 02, 2008 3:47 AM by et
thansk
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 4:10 AM by edirne
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 6:25 AM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 11:46 AM by Chat
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 12:56 PM by seckin sohbet
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 12:57 PM by film izle
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 4:52 PM by cet sohbet
thaks
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 4:53 PM by chat
thank
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 4:57 PM by sohbet
thanks for new..
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 5:01 PM by mirc indir
good blog cool site.
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 5:46 PM by Oyunlar1
Thank you for faving
# re: Filtering SQL injection from Classic ASP
Thursday, October 02, 2008 7:07 PM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Friday, October 03, 2008 4:02 AM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Saturday, October 04, 2008 4:56 AM by Sohbet
thanks you my friend..
# re: Filtering SQL injection from Classic ASP
Saturday, October 04, 2008 7:10 PM by mirc
thanks admin.
# re: Filtering SQL injection from Classic ASP
Saturday, October 04, 2008 7:13 PM by sohpet
verry good.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 27 of 130

# re: Filtering SQL injection from Classic ASP

Sunday, October 05, 2008 6:24 AM by dvd, pda, ipod movies
its a real good
# re: Filtering SQL injection from Classic ASP
Sunday, October 05, 2008 6:25 AM by ark
thanks you
# re: Filtering SQL injection from Classic ASP
Sunday, October 05, 2008 4:59 PM by toprak
tenksss
# re: Filtering SQL injection from Classic ASP
Sunday, October 05, 2008 7:07 PM by megakomanda
nice. Thx you
# re: Filtering SQL injection from Classic ASP
Sunday, October 05, 2008 7:08 PM by megakomanda
hehe, i love it
# re: Filtering SQL injection from Classic ASP
Monday, October 06, 2008 5:45 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Monday, October 06, 2008 5:47 PM by partner
thanks
# re: Filtering SQL injection from Classic ASP
Monday, October 06, 2008 9:43 PM by laptop battery
thanks a lot
# re: Filtering SQL injection from Classic ASP
Monday, October 06, 2008 10:39 PM by Chat
Web Chat Dragon Blogger Sites
# re: Filtering SQL injection from Classic ASP
Monday, October 06, 2008 10:40 PM by Chat
If you click your feed right -> show Info you can set credentials in "Username & Password" section.
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 2:39 AM by mirc
you are thenks
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 6:09 AM by iir
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 6:10 AM by siir
verry good
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 6:11 AM by yeni mp3
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 9:37 AM by lida
tha nks a lot
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:23 PM by Sohbet odalar

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 28 of 130

ThanKs you
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:24 PM by sohbet
Thank you my brother
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:27 PM by ahmed
Thank you my brother
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:40 PM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:41 PM by chat
thank you site admin
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:42 PM by mirc
thanks very good
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:43 PM by mirc indir
thanks.....
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:43 PM by film indir
thank you admin
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 12:45 PM by divx film indir
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 1:46 PM by muhabbet
sohbet kanal bedava sohbet odalar kzlarla sohbet kelebek sohbet alem sohbet gurbet
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 1:47 PM by muhabbet
sohbet kanal bedava sohbet odalar kzlarla sohbet kelebek sohbet alem sohbet gurbet
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 2:41 PM by chat
tankss
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 2:55 PM by Medikal
SYNTAX ERROR ? HELP ME!!!
<FORM VERB=POST METHOD="POST">
Test page for checking input with possible SQL injection.<br><br>
Email: <INPUT NAME=Email></INPUT><BR>
Message: <INPUT NAME=Message></INPUT><BR>
Sent: <% = SendEmail(Request("Email"),Request("Message")) %><BR>
<BUTTON TYPE=SUBMIT>Submit</BUTTON>
</FORM>
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 4:50 PM by chat sohbet
Wonderful Stuff you post!! I LOVE it!
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 4:57 PM by kral oyun

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 29 of 130

thank you admin

# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 4:58 PM by kral oyun
thank you admin
# re: Filtering SQL injection from Classic ASP
Tuesday, October 07, 2008 5:36 PM by oyun
Wonderful.Thanks so much.
# re: Filtering SQL injection from Classic ASP
Wednesday, October 08, 2008 6:20 PM by radyo
Wonderful.Thanks so much.
# re: Filtering SQL injection from Classic ASP
Wednesday, October 08, 2008 6:21 PM by Radyo Dinle
thank you admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 08, 2008 6:24 PM by Radyo
thank you admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 08, 2008 6:40 PM by evden eve nakliyat
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, October 08, 2008 9:30 PM by Radyo
www.gonuldostu.net
# re: Filtering SQL injection from Classic ASP
Thursday, October 09, 2008 11:28 AM by Sohbet odalar
I love your works thank you
# re: Filtering SQL injection from Classic ASP
Thursday, October 09, 2008 5:16 PM by youtube
thnaks
# re: Filtering SQL injection from Classic ASP
Thursday, October 09, 2008 5:37 PM by sohbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Thursday, October 09, 2008 6:02 PM by mirc
thanks for all best regards
# re: Filtering SQL injection from Classic ASP
Thursday, October 09, 2008 6:19 PM by Chat
Thank you site admin
# re: Filtering SQL injection from Classic ASP
Thursday, October 09, 2008 6:20 PM by Chat
thank you site admin LDR
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:45 AM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:46 AM by chat
Thank you Hey nice gallery!!! I love your works
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 30 of 130

Friday, October 10, 2008 4:46 AM by canl sohbet

Thank you Hey nice gallery!!! I love your works
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:47 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:48 AM by sohbet
http://www.sohbet08.com
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:50 AM by chat kanallar
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:51 AM by temel fkralar
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:52 AM by muhabbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:53 AM by ak fal
thanks very good
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:53 AM by sohbet odalar
http://www.xmircx.com
http://www.chat06.net
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:54 AM by oyun oyna
thank you wery much
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:55 AM by oyun
thank you wery much thanks administrator
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:55 AM by oyun
http://www.cetyap.net
www.gazetelermerkezi.com
thanks reaaly good
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:57 AM by izlekop
thank you very much
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:57 AM by sohbet.net
Also, you may want to note that if you want to send an email warning that shows the values being passed/used,
that should go in the sqlcheck.asp script and not the errorpage.asp script.
http://www.chatiks.net
http://www.cetarkadas.net
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 4:57 AM by sohbet net
Also, you may want to note that if you want to send an email warning that shows the values being passed/used,
that should go in the sqlcheck.asp script and not the errorpage.asp script.
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 5:09 AM by gazeteler

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 31 of 130

thanks ree begards :D

# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 5:10 AM by irc sohbet
very top secret chat :D
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 7:41 AM by islami sohbet
very top secret chat :D
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 7:52 AM by sohbet
thankss secret chat sohbet channell
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 7:53 AM by cam balkon
thanksssssss dedikkss
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 12:34 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 12:35 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 1:09 PM by muhabbetgulu
muhabbet, sohbet, chat
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 1:09 PM by muhabbetgulu
muhabbet, sohbet, chat
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 1:11 PM by muhabbetgulu
muhabbet
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 1:12 PM by muhabbetgulu
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 1:15 PM by gzelszler
thank you
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 1:15 PM by Sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 3:23 PM by oyunlar
thank you for comment
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 3:48 PM by sohbet siteleri
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 3:49 PM by canl film
thanks
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 32 of 130

Friday, October 10, 2008 3:56 PM by sohbet siteleri

thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 11:52 PM by Radyo
danke admin
# re: Filtering SQL injection from Classic ASP
Friday, October 10, 2008 11:53 PM by Radyo
danke admin
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:27 AM by film izle
good thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:35 AM by cam balkon
thankss star balkon cam
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:37 AM by cam balkon
thanksss goodd thankss
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:42 AM by cam balkon
thankss youru goodd
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:44 AM by cam balkon
thankss youru goodd
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:46 AM by chat
thankss chat sitelerii
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 5:59 AM by chat
chat siteleri. sohbet kanallar
#re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 6:04 AM by msn avatarlar
thanks very nice web site..
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 6:26 AM by sohbet chat
Thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 10:11 AM by Radyo Dinle
danke
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 2:21 PM by chat
Thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 2:22 PM by chat
Thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 11, 2008 2:23 PM by chat
Thank

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 33 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, October 11, 2008 2:24 PM by chat
thankss youru goodd
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 5:33 AM by Sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 5:33 AM by Sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 5:59 AM by sohbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 9:10 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 9:11 AM by sohbet odalar
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 7:38 PM by sohbet
thnk you
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 7:41 PM by sohbet
tahnk you
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 7:42 PM by mirc sohbet
thank you wery mucx
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 8:00 PM by muhabbetgulu
thnk you
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 8:10 PM by evden eve nakliyat
good sharing, thank you.
# re: Filtering SQL injection from Classic ASP
Sunday, October 12, 2008 8:21 PM by hosting
thank you
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 6:19 AM by islam islami sohbet
This code which I am looking for, thanks.
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 8:21 AM by chat
thanks.
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 8:21 AM by chat
thanks.
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 8:25 AM by [email protected]

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 34 of 130

thanks
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 10:07 AM by chat
tannkss
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 10:07 AM by chat
tabb
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 11:49 AM by muhabbetgulu
tannkss
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 11:51 AM by muhabbetgulu
tabb
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 1:35 PM by islami sohbet
I was always having errors in;
myMail.HTMLBody = "<b>Someone is trying to *** our database. <BR><BR>Hacker's Details: <BR><BR>IP
Address:</b> <a href=whois.domaintools.com/"&Request.ServerVariables("REMOTE_ADDR")
&">"&Request.ServerVariables("REMOTE_ADDR")&"</a><BR><B>Target Page:</b> http://tulleeho.com"&
Request.ServerVariables("SCRIPT_NAME") &"<BR><b>Browser/OS Info:</b> "& Request.ServerVariables
("HTTP_USER_AGENT") &"<BR><b>Logon User:</b> "& request.ServerVariables("LOGON_USER")
&"<BR><b>Request Method: </b>"& request.ServerVariables("REQUEST_METHOD") &"<BR><B>Post
Data:</b> "& data &"<BR><B>Querystring:</b> "&request.ServerVariables("QUERY_STRING")
&"<BR><B>Cookies:</b> "&request.ServerVariables("HTTP_COOKIE") &"<BR><a
href=""www.tulleeho.com/testdbsafe.asp("QUERY_STRING") &""">Test DBSAFE</a><BR><b>Server
Date/Time: </b>" & now()
Thanks.
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 5:15 PM by et
thank
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 8:29 PM by Sohbet
thanx
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 10:28 PM by sohbet
thanks.
# re: Filtering SQL injection from Classic ASP
Monday, October 13, 2008 10:28 PM by key demeleri
thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, October 14, 2008 6:48 AM by islami sohbet
I'm not sure with this.
ID=308;DECLARE%20@S%20VARCHAR(4000);SET%20@S=CAST
(0x4445434C415245204054205641524348415228323535292C404320564152434841522832353529204445434C415245205461626C655F437572736F7220
20AS%20VARCHAR(4000));EXEC(@S);-# re: Filtering SQL injection from Classic ASP
Tuesday, October 14, 2008 10:24 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, October 14, 2008 6:07 PM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, October 14, 2008 7:19 PM by nakliyat
thanks alot

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 35 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, October 14, 2008 9:02 PM by free pron
orospucu
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 3:39 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 8:11 AM by mirc
thats nice project.. its name volta. thank you admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 8:13 AM by mirc
thats nice project.. its name volta. thank you admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 10:08 AM by kelebek
thats nice project.. its name volta. thank you admin
:)
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 10:09 AM by kelebek
thats nice project.. its name volta. thank you admin
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 10:26 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 1:19 PM by Sohbet
Selam.
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 1:40 PM by Chat
Thank you..
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 6:14 PM by evden eve nakliyat
nice article
# How to configure URLScan 3.0 to mitigate SQL Injection Attacks
Wednesday, October 15, 2008 6:31 PM by Useful IIS/ASP.NET Information provided by Microsoft Support
Teams
The purpose of this blog post is to review the concept of SQL Injection attacks, to introduce URLScan
# How to configure URLScan 3.0 to mitigate SQL Injection Attacks
Wednesday, October 15, 2008 6:37 PM by IIS troubleshooting, administration, and concepts.
The purpose of this blog post is to review the concept of SQL Injection attacks, to introduce URLScan
# re: Filtering SQL injection from Classic ASP
Wednesday, October 15, 2008 7:03 PM by sohbet odalar
thamks you very nice..
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 3:43 AM by mirc
thank you.
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 4:14 AM by kelebek
Wonderful Stuff you post!! I LOVE it!

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 36 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, October 16, 2008 8:53 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 8:54 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 11:35 AM by Chat
Thank you
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 11:37 AM by Chat
Thank you LiderChat
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 11:44 AM by Bol Sohbet
<a href="http://www.chatmynet.com" title="bol sohbet , bolsohbet "class="style1">Bol Sohbet</a>
Thank You
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 11:55 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 11:55 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 11:56 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 1:45 PM by mirc
Good Thanks ..
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 1:46 PM by mrc indir
Good works
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 1:46 PM by msn indir
Veryyyyyyyyyy
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 1:50 PM by kz msn adresleri
Goooodd..
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 1:55 PM by sohbet
Thank you very much
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 1:56 PM by sohbet
Thank you very much
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 5:07 PM by izle kop
thanks very nice web site..
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 37 of 130

Thursday, October 16, 2008 5:47 PM by gazeteler

thanks for post!
# re: Filtering SQL injection from Classic ASP
Thursday, October 16, 2008 6:09 PM by Gazeteler
good article
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 2:18 AM by ZLEKOP
thank you very much
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 6:11 AM by kelebek
thanks you
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 10:38 AM by Sohbet odalar
wonderful work professionalization
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 12:26 PM by erotik hikayeler
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 2:47 PM by ev arkada
thank you web admin
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 3:00 PM by cv rnei
thank you web site admin
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 3:14 PM by Oyun Hileleri
Thank You
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 5:17 PM by SOHBET
Thank you
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 5:18 PM by SOHBET
THANKS YOU WERRY MACH
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 5:19 PM by SOHBET
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 5:21 PM by sohbet
thansk you
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 5:22 PM by SOHBET
thankss
# re: Filtering SQL injection from Classic ASP
Friday, October 17, 2008 6:13 PM by nakliyat
thanks for all imformation
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 4:17 AM by Nakliyat
Nakliyat

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 38 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, October 18, 2008 4:26 AM by chat
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 4:26 AM by et
thank you site admini.
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 6:00 AM by mirc
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 6:01 AM by mirc
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 10:13 AM by geciktirici
thanks you!
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 11:22 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 11:25 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 18, 2008 9:24 PM by

thanks for all imformation
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 5:24 AM by sohbet odalar
thanks you
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 5:25 AM by mzik dinle
thanks.
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 5:26 AM by sohbet
thanks for all imformation
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 8:01 AM by sohbet chat
Thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 8:04 AM by online Film izle
Werry Good Thanks Admin
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 8:07 AM by online Film izle
Thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 8:15 AM by arkadas
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 1:10 PM by sohbet

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 39 of 130

thanks a lot
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 3:25 PM by et
thanks you good
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 3:26 PM by et
thanks you
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 3:57 PM by siki
Thank You Mery much.. I is Site..
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 3:57 PM by siki
Thank You Mery much.. I is Site..
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 5:22 PM by sohbet odalari
thanjs :)Thank You Mery much.. I is Site..
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 9:19 PM by son dakika haber
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 10:18 PM by kelebek
Thank You Mery much.. I is Site..
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 10:18 PM by kelebek
Thank You Mery much.. I is Site..
# re: Filtering SQL injection from Classic ASP
Sunday, October 19, 2008 10:19 PM by kelebek Script
Thank You Mery much.. I is Site..
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 3:13 AM by kameral chat
thank you
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 5:01 AM by cakir
thanks you
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 7:30 AM by kelebek cet
thanks you amk admin much
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 7:31 AM by kelebek cet
tesekkur ederim
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 7:31 AM by mirc
eyw admin much : )
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 7:37 AM by izmir sohbet
tamadir
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 7:42 AM by mirc

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 40 of 130

mirc
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 7:55 AM by SOHBET
thankss
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 8:16 AM by kelebek cet
thanks you much admin
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 8:17 AM by script mirc
thanks
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 8:19 AM by izmir sohbet
thankss
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 9:11 AM by sohbet
Thanks
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 12:30 PM by bakliyat
www.mistasgirisim.com.tr
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 12:41 PM by sevgilim
sper web sites
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 1:03 PM by sohbet chat
thank you very cool working very nice se
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 1:04 PM by sohbet chat
thank you
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 3:09 PM by Trke mirc
thanks..
# re: Filtering SQL injection from Classic ASP
Monday, October 20, 2008 5:01 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, October 21, 2008 2:02 AM by dizi izle
thanks you
# re: Filtering SQL injection from Classic ASP
Tuesday, October 21, 2008 2:02 AM by dizi izle
thanks
# Tools that can help to secure SQL server security within web environment
Tuesday, October 21, 2008 3:57 AM by SQL Server Security, Performance & Tuning (SSQA.net)
When the SQL Server is faced to the internet then you have to take utmost care to ensure that the each
# re: Filtering SQL injection from Classic ASP
Tuesday, October 21, 2008 12:48 PM by chat
thank you site admin
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 41 of 130

Tuesday, October 21, 2008 1:41 PM by tv programlari

thanks you very good
# re: Filtering SQL injection from Classic ASP
Tuesday, October 21, 2008 3:47 PM by lida
thanks a lot
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 3:56 AM by amatr
thanks you :)
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 6:38 AM by kelebek cet sohbet
When the SQL Server is faced to the internet then you have to take utmost care to ensure that the each
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 12:54 PM by mirc indir
Good works..
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 12:57 PM by mrc
For example your application
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 12:58 PM by mrc
Goodo works...
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 12:59 PM by mirc indir
thanks you very good
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 1:00 PM by msn indir
Goood thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 1:01 PM by kz msn adresleri
kz msn adresleri good works..
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 1:02 PM by arkada
arkada arkada goood works..
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 1:03 PM by koltuk ykama
koltuk ykama good..
# re: Filtering SQL injection from Classic ASP
Wednesday, October 22, 2008 1:09 PM by evden eve nakliyat
nice and helpful comments
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 9:54 AM by sohbet
thankss..
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 4:31 PM by Sohbet odas
Thank you for this wonderful work professionalization
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 6:16 PM by et
thank you

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 42 of 130

# re: Filtering SQL injection from Classic ASP

Friday, October 24, 2008 6:16 PM by sohpet
Thank you for this wonderful work professionalization
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 7:49 PM by sony vaio
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 8:33 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 8:41 PM by mirc
Hi thank you very much
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 10:49 PM by son dakika haber
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 10:49 PM by tuba bykstn
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 24, 2008 10:50 PM by son dakika haber
thks
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 6:04 AM by kelebek
thanks amk
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 8:25 AM by Driver
Thnx and mucuks. porfect
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 8:41 AM by evden eve nakliyat
thank you wery mach
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 11:48 AM by hekimboard
Thanks a lot.
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 1:54 PM by sohbet odalar
thanks baby.
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 1:55 PM by chat
wowww good.
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 1:56 PM by sohbet odas
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 2:18 PM by sohbet siteleri
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, October 25, 2008 2:18 PM by sohbet siteleri

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 43 of 130

thanks you good..

# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 7:02 AM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 7:03 AM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 7:03 AM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 7:07 AM by fetullah
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 8:36 AM by gebze evden eve nakliyat
thanks alot for help
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 9:06 AM by d cephe
thanks a lot.
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 9:50 AM by travesti
wowww good.
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 9:58 AM by Muhabbet
This is a really good resource and all in one guide!!! Helps you pick out the nasties on labels quickly too.
# re: Filtering SQL injection from Classic ASP
Sunday, October 26, 2008 4:45 PM by mirc
very nice
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 12:02 AM by indir
thnx.
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 4:16 AM by ara kiralama
Thanks
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 7:19 AM by mirc
thanks..
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 9:50 AM by sohbet
Http://www.sevgisohbet.com/
thanks.
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 9:51 AM by sohbet
thanks you very nuck. http://www.sevgisohbet.com
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 9:52 AM by sohbet
thanks.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 44 of 130

# re: Filtering SQL injection from Classic ASP

Monday, October 27, 2008 2:50 PM by football caricatures
great 10x
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 2:51 PM by resim
excellent info 10x
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 6:20 PM by sohbet
its good i will use it thanks a lot.
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 6:20 PM by sohbet
its good i will use it thanks a lot.
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 6:26 PM by sohbet
its good i will use it thanks a lot.
# re: Filtering SQL injection from Classic ASP
Monday, October 27, 2008 8:29 PM by dizi izle
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 2:15 AM by [email protected]
thanks you eyw bilader ....
www.ekelebekfm.com
www.ruyaalem.net
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 2:18 AM by [email protected]
thanks you eyw bilader ....
www.ekelebekfm.com
www.ruyaalem.net
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 2:19 AM by kelebek sohbet
thanks you eyw bilader ....
www.ekelebekfm.com
www.ruyaalem.net
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 2:20 AM by [email protected]
thanks you eyw bilader ....
www.ekelebekfm.com
www.ruyaalem.net
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 2:28 AM by [email protected]
thanks you eyw bilader ....
www.ekelebekfm.com
www.ruyaalem.net
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 3:33 PM by tarih
thnkkss
# re: Filtering SQL injection from Classic ASP
Tuesday, October 28, 2008 9:25 PM by chatkeyfim
thnkkss

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 45 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, October 28, 2008 9:25 PM by chatkeyfim
thnkkss
http://www.chatkeyfim.net
# re: Filtering SQL injection from Classic ASP
Wednesday, October 29, 2008 4:54 AM by dizi izle
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, October 29, 2008 7:32 AM by Altn Fiyatlar
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, October 29, 2008 11:49 AM by chat
I really appreciate the test feeds you provided.
# re: Filtering SQL injection from Classic ASP
Wednesday, October 29, 2008 11:49 AM by chatgurbet
thanxx
# re: Filtering SQL injection from Classic ASP
Wednesday, October 29, 2008 4:59 PM by mirc
very nice thank you
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 1:46 AM by son dakika haber
thnks
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 1:47 AM by tuba bykstn
thanksss
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 4:20 AM by Chat
thanks you..
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 9:09 AM by hikaye
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 9:13 AM by dawidi
I'm sorry but this is *horrible* advice. You will end up discarding 90% of legitimate requests and not prevent a
single SQL injection.
Convert ' to '' if you're expecting a string, and convert to a number if you expect a number. Then build your SQL
statement from that.
Also, you seem to be having a slight spam problem here.
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 10:54 AM by hediyelik eya
thanks <a title="hedyelik eya" href="http://www.oltuincisi.com">hediyelik eya</a>
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 12:21 PM by sikis
hebele gubele
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 12:23 PM by sikis
ehan semne
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 12:25 PM by sikis

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 46 of 130

ehu hen messssss

# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 12:59 PM by gzel szler
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 5:09 PM by SOHBET
thanks a lot admins
# re: Filtering SQL injection from Classic ASP
Thursday, October 30, 2008 5:10 PM by SOHBET
tahnkssssssssssssssssssssss
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 8:54 AM by evden eve nakliyat
thankss superrr
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 8:59 AM by evden eve nakliyat
thnakaskakssa
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 9:03 AM by evden eve nakliyat
evden eve nakliyat
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 2:39 PM by gzel szler
thenks
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 6:33 PM by Sohbet
Thank's site admin
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 6:52 PM by Sohbet
ThankSssssssssss
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 7:03 PM by muhabbet
Excellent writeup Ethan, Im in the process of adopting this technique, as well as setting up an archive such as
the one in your screencast (supplemented by DEVONthink). I was curious, would it be possible to see a
screenshot of your archive, with <a href="http://www.cokmuhabbet.com" title="muhabbet">muhabbet</a> all the
fields open? that is to say, all the sub-categories showing. The reason Id like to see this, is you seem to have
developed
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 7:03 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 7:05 PM by muhabbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 7:06 PM by sohbet
thanks admin
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 7:08 PM by sohpet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 7:33 PM by adult forum

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 47 of 130

thanks for all

# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 8:32 PM by tuba bykstn
thanks
# re: Filtering SQL injection from Classic ASP
Friday, October 31, 2008 8:33 PM by son dakika haber
thnask
# re: Filtering SQL injection from Classic ASP
Saturday, November 01, 2008 9:34 PM by Emo
Thanqss
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 2:53 AM by balimcafe
http://www.balimcafe.net
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 5:24 AM by balimcafe
http://www.balimcafe.net
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 5:25 AM by balimcafe
http://www.balimcafe.net
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 5:28 AM by balimcafe
http://www.balimcafe.net
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 5:55 AM by sohbet
Very Nice Site ThankS admin... By_RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 5:56 AM by chat
ThankSss site adminciq By_RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:03 AM by Sohbet
Wauuuuu Very nice site :) By_RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:04 AM by mIRC
ThankS site admin By_RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:05 AM by et
Thank's site admin By_mIRC
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:07 AM by et
thanKs site admin:) By mIRC
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:09 AM by Sohbet
thankS site admin By RaLp_LaureN
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:12 AM by mirc
ThankS site admin Very nice site By mIRC
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:15 AM by mrc

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 48 of 130

Wauuu Very nice site :) By RoMeO

# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 8:28 AM by Sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 10:06 AM by evden eve nakliyat
thanks...
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 10:14 AM by yedigunum
thanks yours sun lo
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 11:35 AM by chat
sohbet
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 11:37 AM by kameral sohbet
Thanks for sharing your feedback! If your feedback doesn't appear right away, please be patient as it may take a
few minutes to publish - or longer if the blogger is moderating comments.
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 11:49 AM by sesli sohbet
sesli chat sesli sohbet chat seslichat seslisohbet sesli kzlar
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 11:50 AM by sesli sohbet
sesli chat seslichat seslisohbet seslisohbet sesli chat chat chat cet seslicet
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 11:52 AM by sesli sohbet
sesli chat sesli sohbet seslichat seslisohbet sesli chat cet
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 12:32 PM by mrc
Superb summary! It really useful for beginner blogger like. Sometimes, I get confused how to raise my traffic, but
after I read this, Ive got an inspiration! Thumbs up for you, I really like this article. Ive been added this site in my
technorati favorites so I can read another useful article
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 12:32 PM by mirc
Superb summary! It really useful for beginner blogger like. Sometimes, I get confused how to raise my traffic, but
after I read this, Ive got an inspiration! Thumbs up for you, I really like this article. Ive been added this site in my
technorati favorites so I can read another useful article By RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 2:02 PM by film izle
good sharing, mersi.
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 2:27 PM by merhaba
thanks ozgur abi
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 2:29 PM by son dakika haber
thnk
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 2:40 PM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 2:43 PM by sesli sohbet

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 49 of 130

thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 3:18 PM by oyun
Thanks so much.
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:01 PM by sohbet
Thanks a lot
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 6:02 PM by sohbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Sunday, November 02, 2008 10:08 PM by chat
thanks lol
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 1:10 AM by hikaye
thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 4:49 AM by evden eve nakliyat
thanksss
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 4:50 AM by evden eve nakliyat
gthankssss
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 12:37 PM by etoplum
I suspect blogging world is becoming so small that we cant find such lucrative blogs like this one.
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 12:38 PM by etoplum
Thanks you
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 4:48 PM by radyo dinle
thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 6:31 PM by Samsun
Thanks yuo
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 6:31 PM by Samsun
Thanks you.
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 6:32 PM by Samsun
Danke
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 6:33 PM by Samsun
thanks Kerim
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 9:15 PM by son dakika haber
thanks
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 50 of 130

Monday, November 03, 2008 9:16 PM by tuba buyukustun

thnks
# re: Filtering SQL injection from Classic ASP
Monday, November 03, 2008 9:30 PM by gazeteler
thnks
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 3:06 AM by Sohbet odas
Thank you for this wonderful work professionalization
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 3:23 AM by Sohbet odas
Thank you for this wonderful work professionalization
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 8:18 AM by sve
thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 11:11 AM by Adme
<a href="http://www.Muhabbetim.in" title="Muhabbet" target="_blank">Muhabbet</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 11:11 AM by Adme
<a href="http://www.Muhabbetim.in" title="Muhabbet" target="_blank">Muhabbet</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:11 PM by Sohbet
Thanks u Dor site adminS By RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:16 PM by SOHBET
Wow Nice to hear this good new. I would to try it on my website.
Free Site Listing
By RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:23 PM by sohbet
Thanks u Site admin di for u :) By mIRC
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:24 PM by sohbet
Thank you for this wonderful work professionalization By RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:26 PM by SOHBET
I suspect blogging world is becoming so small that we cant find such lucrative blogs like this one.
By mIRC
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:27 PM by SOHBET
Thanks... I suspect blogging world is becoming so small that we cant find such lucrative blogs like this one.
by RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:28 PM by Sohbet
Thank's u Site admin :) I suspect blogging world is becoming so small that we cant find such lucrative blogs like
this one.
By RaLp_LaureN
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:31 PM by Sohbet

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 51 of 130

This is a really good resource and all in one guide!!! Helps you pick out the nasties on labels quickly too
By RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:32 PM by Sohbet
Wow Nice to hear this good new. I would to try it on my website.
Free Site Listing
By mIRC
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:33 PM by SOHBET
Thank'S
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:34 PM by SOHBET
SaoL site admini oq yaa emi :) http://www.coktatli.net
By RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:35 PM by SOHBET
Fine Thank's u :) By RaLp_LauReN
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:36 PM by SOHBET
I'm Like site :) Thanks Admin http://www.coktatli.net
By mIRC
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:37 PM by sohbet
http://www.coktatli.net
saoL site admini
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:38 PM by SoHBeT
ThnakS site admin http://www.coktatli.net
By RoMeO
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:39 PM by SOHbeT
Thanks canm :) http://www.coktatli.net
By mIRC
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 1:40 PM by sohBET
saoL cicim :) http://www.coktatli.net
By RaLp_LaureN
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 2:24 PM by sohbet
Thank's u Site admin :) I suspect blogging world is becoming so small that we cant find such lucrative blogs like
this one.
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 2:25 PM by gzel szler
This is a really good resource and all in one guide!!! Helps you pick out the nasties on labels quickly too
x
# re: Filtering SQL injection from Classic ASP
Tuesday, November 04, 2008 2:41 PM by darwin
I second what Mendel wrote:
Suggestion to microsoft for blocking sql injection attacks
one of the significant differences between sql and msacces (jet) is that sql allows multiple commands in a single
sql statement.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 52 of 130

while that ability is very good, it's rarely if ever needed in a website.
I would like to suggest that microsoft release a patch to sql server that would add a specific permission on a user
to allow or deny the ability to run multi-command statments.
if that option was there, I think that 99% of websites could be protected just by blocking that ability
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 5:52 AM by tahsin
Sohbet
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 6:26 AM by sohbet
Thanks.. Admins
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 6:26 AM by sohbet
Thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 7:26 AM by sohbet
Thanks.. admin
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 7:49 AM by chat sohbet odalar
thanks site admin.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 9:08 AM by SICAK
thanks admin
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 11:04 AM by mirc
thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 11:34 AM by mirc
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 11:35 AM by mirc
thank you site admini..
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 11:36 AM by mirc
Thanks for sharing your feedback! If your feedback doesn't appear right away, please be patient as it may take a
few minutes to publish - or longer if the blogger is moderating comments.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 11:58 AM by film izle
sharing for thanks.. i wish the successfrom now on writing
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 1:57 PM by sohbet
thanks site admin.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 05, 2008 1:57 PM by mirc
tamam abi :)
# re: Filtering SQL injection from Classic ASP
Thursday, November 06, 2008 3:16 AM by SOHBET
thask you admns...
# re: Filtering SQL injection from Classic ASP
Thursday, November 06, 2008 3:17 AM by SOHBET

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 53 of 130

thask you admns...

# re: Filtering SQL injection from Classic ASP
Thursday, November 06, 2008 7:10 AM by et
thanks.
# re: Filtering SQL injection from Classic ASP
Thursday, November 06, 2008 6:36 PM by iirler
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, November 06, 2008 7:40 PM by Muhabbet
Thanks.
# re: Filtering SQL injection from Classic ASP
Friday, November 07, 2008 6:29 AM by SOHBET
thanks you wery much admns...
# re: Filtering SQL injection from Classic ASP
Friday, November 07, 2008 7:55 PM by oyun
Thanks you really perfect one writing.I m always follow you.
# re: Filtering SQL injection from Classic ASP
Saturday, November 08, 2008 4:46 AM by chat
thanks you..
# re: Filtering SQL injection from Classic ASP
Sunday, November 09, 2008 7:59 AM by mirc
thanks site admin http://www.mircalem.net
By mIRC
# re: Filtering SQL injection from Classic ASP
Sunday, November 09, 2008 8:07 AM by mrc
thanks site admin http://www.mircalem.net
By RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 09, 2008 8:08 AM by mirc
thanks u site admin http://www.mircalem.net
By mIRC
# re: Filtering SQL injection from Classic ASP
Sunday, November 09, 2008 8:16 AM by mrc
thanks u site admin http://www.mircalem.net
By RoMeO
# re: Filtering SQL injection from Classic ASP
Sunday, November 09, 2008 6:22 PM by hikaye
Yes Thats is a good idea
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 5:27 AM by
Nice....... thank you very good.
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 5:36 AM by
thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 5:41 AM by chat
www.akenna.net

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 54 of 130

# re: Filtering SQL injection from Classic ASP

Monday, November 10, 2008 5:42 AM by web online
good really
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 6:31 AM by sohbet odalar
thanks you..
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 7:50 AM by sohbet
thank you very cool working very nice se
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 7:51 AM by iirler
goed idea
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:42 AM by cet
thank you very cool working very nice se
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 12:05 PM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 12:27 PM by Chat
Thanks a lot.
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 12:28 PM by muhabbet
Thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 12:30 PM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 12:52 PM by evden eve nakliyat
ekleyelim bakalm biz de buraya ne olucak sonumuz?
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 1:15 PM by sohbet
eyw saol cane
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 1:15 PM by sohbet
saol olm saol d ekle :D
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 5:31 PM by chat
thenks
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 5:35 PM by chat
thakns
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 5:36 PM by chat
thakns
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 6:39 PM by sohbet siteleri

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 55 of 130

thanks you good

# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 7:47 PM by telefon rehberi
Thanks....
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:27 PM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:28 PM by sohbet
thhanks
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:30 PM by sohbet odalar
thanks you
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:33 PM by sohbet odalar
thanks for youu....
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:34 PM by mirc
thannks youu.......
# re: Filtering SQL injection from Classic ASP
Monday, November 10, 2008 11:34 PM by mirc
tthankssss
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 5:11 AM by sohbet
thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 3:48 PM by film izle
thanks for you.
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 3:49 PM by film izle
thankss..
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 3:50 PM by film izle
thankks..
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 3:50 PM by film izle
thanksss
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 3:51 PM by film izle
thanks...
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 4:00 PM by film izle
thankkkss
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 4:28 PM by Sohbet odas
Thank you for this wonderful work professionalization
http://www.hossohbet.net

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 56 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, November 11, 2008 8:33 PM by resimtr
thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, November 11, 2008 11:22 PM by indir
thnx.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 2:43 AM by chat
thanks.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 2:44 AM by chat
thanks youu
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 3:38 AM by chat
thankssss youuuu..
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 6:49 AM by chat
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 7:47 AM by mirc
thanks.. you site.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 7:48 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 11:39 AM by sohbet
Thanks.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 12, 2008 7:20 PM by mirc
thank you site admin.
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 4:13 AM by sohbet
thanks.
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 4:15 AM by sohbet
thank you site admini..
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 4:55 AM by erhan
<a href="http://www.Slmsohbet.Com" title="sohbet, chat, sohbet odalar, sohbet siteleri, bol sohbet"
target="_blank">sohbet</a>
tanx
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 4:55 AM by erhan
<a href="http://www.Slmsohbet.Com" title="sohbet, chat, sohbet odalar, sohbet siteleri, bol sohbet"
target="_blank">sohbet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 10:50 AM by dienk
thanks :)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 57 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, November 13, 2008 11:56 AM by hediyelik eya
thnx.
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 11:58 AM by hediyelik
thx..........
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 1:51 PM by sohbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 1:55 PM by sohbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Thursday, November 13, 2008 5:43 PM by evden eve nakliyat
evden eve nakliyat ile ilgili tm bilgilerin yaynland yer
# re: Filtering SQL injection from Classic ASP
Friday, November 14, 2008 4:05 AM by sohbet
thanks veryy much.
# re: Filtering SQL injection from Classic ASP
Friday, November 14, 2008 6:18 AM by mevlt ekeri,
thanks
# re: Filtering SQL injection from Classic ASP
Friday, November 14, 2008 9:28 AM by sa ekimi
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, November 15, 2008 1:38 PM by evden eve nakliyat
thanks a lot fo r help
# re: Filtering SQL injection from Classic ASP
Saturday, November 15, 2008 6:34 PM by mirc
thank you site admin..
# re: Filtering SQL injection from Classic ASP
Saturday, November 15, 2008 6:34 PM by mirc
thank you site admin..
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 3:29 AM by hediyelik eya
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 4:15 AM by online radyo
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 4:16 AM by online radyo
Very Good
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 7:05 AM by sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 12:21 PM by film izle
thanks for you.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 58 of 130

# re: Filtering SQL injection from Classic ASP

Sunday, November 16, 2008 12:25 PM by film izle
very nice. for thanks.
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 7:34 PM by film seyret
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 7:36 PM by film seyret
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 16, 2008 9:09 PM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 17, 2008 4:21 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Monday, November 17, 2008 9:07 AM by film izle
thank you
# re: Filtering SQL injection from Classic ASP
Monday, November 17, 2008 3:25 PM by plastik
I love the blog, keep it up. I find this kind of stuff interesting. Seems like an honest mistake on the sales rep's part,
but it is something that shouldn't happen.
# re: Filtering SQL injection from Classic ASP
Monday, November 17, 2008 7:15 PM by sohbet
<a href="http://www.Slmsohbet.Com" title="sohbet, chat, sohbet odalar, sohbet siteleri, bol sohbet"
target="_blank">sohbet</a>
tanx see you later
# re: Filtering SQL injection from Classic ASP
Monday, November 17, 2008 7:17 PM by kekom
tanx see you later
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 3:27 AM by gzel szler
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 4:01 AM by dizikeyif
Thank you very
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 4:09 AM by mirc indir
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 5:56 AM by toplist
toplist
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 11:30 AM by ligtv izle
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 2:04 PM by ark
good work. thanks a lot

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 59 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, November 18, 2008 2:06 PM by flash oyunlar
Thanks for post
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 5:39 PM by sohbet
thanks you <a href="http://www.sohbetgor.org" title="Sohbet" target="_blank">Sohbet</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 5:40 PM by sohbet
thanks you...
# re: Filtering SQL injection from Classic ASP
Tuesday, November 18, 2008 5:41 PM by sohbet
thanks for post
# re: Filtering SQL injection from Classic ASP
Wednesday, November 19, 2008 12:19 AM by RxL
thanks.. <a href="http://www.kelebeklove.com">kelebek</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, November 19, 2008 1:17 PM by SOHBET
thanks you wery much admns WELCOME
# re: Filtering SQL injection from Classic ASP
Wednesday, November 19, 2008 11:42 PM by mirclen
thanx very good
# re: Filtering SQL injection from Classic ASP
Thursday, November 20, 2008 2:04 AM by sohbet
thanx you
# re: Filtering SQL injection from Classic ASP
Thursday, November 20, 2008 3:36 AM by et
thanks.
# re: Filtering SQL injection from Classic ASP
Thursday, November 20, 2008 3:44 AM by SOHBET
thanks you wery much admns WELCOME....
# re: Filtering SQL injection from Classic ASP
Thursday, November 20, 2008 1:04 PM by sohbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Thursday, November 20, 2008 1:13 PM by sohbet
thanks a lot admins.
# re: Filtering SQL injection from Classic ASP
Thursday, November 20, 2008 5:42 PM by mirc
thanx you
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 12:54 AM by mirclen
thanx a lot admin.
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 3:28 AM by SOHBET
thanks you wery much admns WELCOME...
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 1:50 PM by bedava chat
thanks.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 60 of 130

# re: Filtering SQL injection from Classic ASP

Friday, November 21, 2008 2:10 PM by Sohbet
thank you
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 2:15 PM by bedava chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 2:20 PM by sohbet odas
thanks you
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 4:23 PM by mirc
Thanks..
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 4:30 PM by oyun
Thanks canm
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 5:49 PM by film izle
great article thank you for sharing.
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 5:55 PM by et
thanksss
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 6:40 PM by Driver
thnx. indir
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 7:23 PM by mirc
thanks you site admin..
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 7:23 PM by mirc
thankss
# re: Filtering SQL injection from Classic ASP
Friday, November 21, 2008 7:30 PM by mirc
thankss
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 2:47 AM by balimcafe
http://www.balimcafe.net
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 2:48 AM by balimcafe
http://www.balimcafe.net
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 7:55 AM by sohbet
thanks you...
http://www.sohbetgor.org
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 9:35 AM by Hosting
Thank you Good article
http://www.izle18.org/
http://www.clupchat.net/

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 61 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, November 22, 2008 12:13 PM by ligtv izle
thanks.
<a href="http://www.ksfan.org" title="kayserispor, erciyesspor">kayserispor</a>
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 12:53 PM by SOHBET
thanks you wery much admns WELCOME...
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 1:18 PM by Estetik
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 3:00 PM by Chat
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 3:26 PM by film izle
thanks for you.
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 4:26 PM by sohbet
Thanks a lot..
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 4:26 PM by sohbet
Thanks a lot..
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 4:30 PM by Chat
thanxx sites
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 4:33 PM by chat
thaxx sites very very good
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 6:35 PM by mirc
thakns
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 6:36 PM by mirc
thankss
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 7:49 PM by Driver
thnx.
# re: Filtering SQL injection from Classic ASP
Saturday, November 22, 2008 7:50 PM by program
thanks...
# re: Filtering SQL injection from Classic ASP
Sunday, November 23, 2008 1:08 PM by bedava chat
thanks you..
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 7:29 AM by Edebiyat
thanks for iis.net: )
http://www.edebiyathocasi.com

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 62 of 130

# re: Filtering SQL injection from Classic ASP

Monday, November 24, 2008 7:30 AM by Edebiyat
thans for iis.net : )
http://www.edebiyathocasi.com
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 7:43 AM by chat
Thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 1:44 PM by servet duman
cam balkon imalat yapan firma
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 1:45 PM by servet duman
cam balkon imalat yapan firma
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 3:59 PM by sohbet
thanks alot
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 3:59 PM by mirc
woow very good baby
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 4:00 PM by film indir
Thanks
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 4:19 PM by sohbet
Thanks a lot admin..
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 4:20 PM by sohbet
Thanks..
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 4:20 PM by sohbet
Thanks..
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 4:26 PM by cam balkon
thankss.
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 6:32 PM by kurye
thank you
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 6:33 PM by kurye
thank you very much
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 6:33 PM by kurye
thankss.thankss.thankss.thankss.
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 8:44 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 63 of 130

Monday, November 24, 2008 8:45 PM by Sohbet

anladn sen anladn
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 9:45 PM by motosiklet
very Good....ss
# re: Filtering SQL injection from Classic ASP
Monday, November 24, 2008 9:50 PM by motosiklet
*[http://www.motokolik.com motosiklet]
# re: Filtering SQL injection from Classic ASP
Tuesday, November 25, 2008 4:16 AM by ftkdogalgaz
very goog site lke it!
# re: Filtering SQL injection from Classic ASP
Tuesday, November 25, 2008 7:32 AM by lisem
Thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, November 25, 2008 12:23 PM by servet duman
cam balkon sistemleri
# re: Filtering SQL injection from Classic ASP
Tuesday, November 25, 2008 6:33 PM by Sohpet
Beautiful article! It's just what i needed to understand. Happy Day's.
# re: Filtering SQL injection from Classic ASP
Tuesday, November 25, 2008 7:30 PM by Lida
veryy Lidaa Good
# re: Filtering SQL injection from Classic ASP
Tuesday, November 25, 2008 9:20 PM by harikasohbet
Beautiful article! It's just what i needed to understand. Happy Day's.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 26, 2008 2:24 AM by sohpet
sohpet bidibidisohbet
# re: Filtering SQL injection from Classic ASP
Wednesday, November 26, 2008 2:24 AM by sohpet
fede
# re: Filtering SQL injection from Classic ASP
Wednesday, November 26, 2008 3:06 AM by ftkdgalgaz
its very beautiful thanks a lot.
# re: Filtering SQL injection from Classic ASP
Wednesday, November 26, 2008 5:47 AM by arrest
Thanks
ArresT
<a href="http://www.cekirdeksiz.com">Bilgi Bankas</a>
<a href="http://www.rechate.com">Sohbet Chat</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, November 26, 2008 6:28 AM by arkadalk
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, November 26, 2008 6:36 AM by Estetik
Hi Ricardo! Hope it's not too late to join the Latin American Blogroll. Our blog covers all types of news on Latin
America.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 64 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, November 27, 2008 8:14 PM by SohbetxL
Ask Siirleri
# re: Filtering SQL injection from Classic ASP
Friday, November 28, 2008 10:07 AM by chat odalar
Thanks
# re: Filtering SQL injection from Classic ASP
Friday, November 28, 2008 7:20 PM by kelebek
Thanks you really perfect one writing.I m always follow you.
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 1:41 AM by Chat, Sohbet, Muhabbet, Muhabbegulu, ChatSohbet, Chatkeyfim,
Kerizimchat, aSkozeL
Chat, Sohbet, Muhabbet, Muhabbegulu, ChatSohbet, Chatkeyfim, Kerizimchat, aSkozeL
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 1:41 AM by Sohbet
Chat Sohbet
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 1:41 AM by Sohbet
Chat Sohbet
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 5:08 AM by zirve
thans
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 5:08 AM by zirve
zirve, toplist, dizin, site ekle
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 7:52 AM by saglik
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 7:38 PM by ekscam
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, November 29, 2008 7:38 PM by ftkcambalkon
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 30, 2008 11:26 AM by diet recipes
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, November 30, 2008 8:51 PM by sohbet
thanks you...
# re: Filtering SQL injection from Classic ASP
Monday, December 01, 2008 4:41 PM by funny pictures
10x dude for sql ;)
# re: Filtering SQL injection from Classic ASP
Tuesday, December 02, 2008 8:35 PM by burun estetigi
At first I thought it was an attempt to copy the Wii with the avatar. But there are some useful improvements.
# re: Filtering SQL injection from Classic ASP
Wednesday, December 03, 2008 1:52 PM by servet duman

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 65 of 130

thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 03, 2008 1:52 PM by servet duman
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 03, 2008 6:22 PM by Gogus Estetigi
Finally something positive from the ano maSSistas, thank you ano Franco, I will change the word fighter as soon
as I can. Dont get confuse, it means I fight for democracy in my country, off course you already new this.
# re: Filtering SQL injection from Classic ASP
Wednesday, December 03, 2008 7:24 PM by rya
Fantastic games. I liked them. Thank you very much
www.fulsohbet.net
# re: Filtering SQL injection from Classic ASP
Wednesday, December 03, 2008 8:37 PM by Cam Balkon
Sorry ... I somehow edited only the first one and missed the next two.
# re: Filtering SQL injection from Classic ASP
Thursday, December 04, 2008 3:57 AM by SOHBET
thanks you wery much admns WELCOME
# re: Filtering SQL injection from Classic ASP
Thursday, December 04, 2008 1:44 PM by SOHBET
thanks you wery much admns WELCOME...
# re: Filtering SQL injection from Classic ASP
Thursday, December 04, 2008 2:44 PM by Mirc indir
thankss
# re: Filtering SQL injection from Classic ASP
Friday, December 05, 2008 3:36 AM by SOHBET
thanks you wery much admns WELCOME...
# re: Filtering SQL injection from Classic ASP
Friday, December 05, 2008 3:36 AM by SOHBET
thanks you wery much admns WELCOME...
# re: Filtering SQL injection from Classic ASP
Friday, December 05, 2008 6:02 AM by ftkcambalkon
thank you it is very well
# re: Filtering SQL injection from Classic ASP
Monday, December 08, 2008 2:18 AM by sohbet odalar
<a href="http://www.videodukkani.net" title="lig tv, bedava lig tv izle, ligtv seyret" target="_blank">bedava lig
tv</a>
thanks
# re: Filtering SQL injection from Classic ASP
Monday, December 08, 2008 2:19 AM by youtube izle
thoyk
# re: Filtering SQL injection from Classic ASP
Monday, December 08, 2008 4:28 PM by sohbet
Thanks a lot
# re: Filtering SQL injection from Classic ASP
Monday, December 08, 2008 4:29 PM by sohbet
Thanks a lot..
# re: Filtering SQL injection from Classic ASP
Tuesday, December 09, 2008 5:46 PM by muhabbet

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 66 of 130

thank
# re: Filtering SQL injection from Classic ASP
Tuesday, December 09, 2008 5:47 PM by muhabbet
sddsdsffgh
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 9:36 AM by Sohbet
thanks youu
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 9:38 AM by Chat
thankssss
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 9:39 AM by Sohbet Odalar
thanks youu .
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 9:39 AM by Mirc
thankls
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 9:40 AM by Mrc
thkks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 5:25 PM by kelebek sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 6:37 PM by ruya
thanks you much admin
# re: Filtering SQL injection from Classic ASP
Wednesday, December 10, 2008 8:52 PM by sohbet kanallar
thanks for everything...
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 7:05 AM by taxi kilic
it s very good working thanks
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 7:07 AM by taxi kilic
o la mi amor thanks alot
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 9:13 AM by servet duman
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 1:10 PM by Cinsel Sohbet
thanksss
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 1:47 PM by [email protected]
Thanks you!
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 8:18 PM by ekscam
cam balkon,balkony,glazng,katlanr cam,teras camlama,cafe camlama,k bahcesi,vitrin cam,cam kap,istanbul
cam balkon,cam balkon istanbul,balkon cam

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 67 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, December 11, 2008 9:10 PM by Sohbet
Thanks You
# re: Filtering SQL injection from Classic ASP
Thursday, December 11, 2008 9:11 PM by Sohbet
Sohbet, Chat,
# re: Filtering SQL injection from Classic ASP
Friday, December 12, 2008 7:27 AM by mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Friday, December 12, 2008 7:27 AM by mrc
thank you
# re: Filtering SQL injection from Classic ASP
Friday, December 12, 2008 2:52 PM by cam balkon
teekkrler thanks
# re: Filtering SQL injection from Classic ASP
Friday, December 12, 2008 2:53 PM by cam balkon
cam balkon sistemleri cam balkon hakknda her ey
thank you very much
# re: Filtering SQL injection from Classic ASP
Saturday, December 13, 2008 3:31 AM by mrc,mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, December 13, 2008 3:32 AM by sohbet,chat
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, December 13, 2008 5:27 PM by driver
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, December 14, 2008 3:29 PM by tv
thanks dependent on this OS, why dont you buy it my
# re: Filtering SQL injection from Classic ASP
Monday, December 15, 2008 10:14 AM by plastik cerrahi
Great article My preference for submission software is articlespostrobot.com because of the many features and
the fact I dont have to enter in capachas I can just set and walk away
# re: Filtering SQL injection from Classic ASP
Monday, December 15, 2008 10:15 AM by Evkur
Great article My preference for submission software is articlespostrobot.com because of the many features and
the fact I dont have to enter in capachas I can just set and walk away
# re: Filtering SQL injection from Classic ASP
Monday, December 15, 2008 4:51 PM by tarih
danke shurn, thank you for site
# re: Filtering SQL injection from Classic ASP
Monday, December 15, 2008 4:51 PM by Chat
Thank You Admin
# re: Filtering SQL injection from Classic ASP
Monday, December 15, 2008 8:09 PM by mine
thanks if something like 'end' is blocking you, it might inadvertently be part of your request. I hit this in my
ASP.net session cookie :)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 68 of 130

# re: Filtering SQL injection from Classic ASP

Monday, December 15, 2008 10:46 PM by chat
The fact that peace-lovers cannot stop a war should not be held against them. Those who are determined to kill,
rape, maim and plunder will find a way to do so, somewhere, some time, somehow. [Their] beliefs, thoughts and
feelings are as real and valid as yours, mine or anyone else's. You cannot crush out of existence that which you
do not like. Thakns
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 6:00 AM by Sohbet
Thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 6:01 AM by Sohbet
Thank You
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 7:45 AM by sohbet odalar
thank you very much
<a href="http://www.sohbet-odalari.biz" title="sohbet odalari" target="_blank">Sohbet odalar</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 7:45 AM by sohpet
sohbet odalar
#re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 8:07 AM by mrc,mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 8:08 AM by sohbet,chat
thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 4:52 PM by Ogn
www.KumsalChat.com ThakS You...
# re: Filtering SQL injection from Classic ASP
Tuesday, December 16, 2008 4:52 PM by Ogn
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 2:17 AM by adriana lima
thanks mucu yafru
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 4:34 AM by sohbet odalar
thank you very much
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 4:35 AM by sohbet odalar
thank very very much
<a href="http://www.sohbet-odalari.biz" title="sohbet odalar" target="_blank">sohbet odalari</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 4:36 AM by sohbet odalar
sohbet odalar
#re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 4:36 AM by sohbet odalar
thank you very much
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 4:37 AM by sohbet odalar

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 69 of 130

thank you very much

http://www.sohbet-odalari.biz
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 5:05 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 5:10 AM by [email protected]
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 7:44 AM by Lida
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 11:23 AM by Chat
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 11:24 AM by Chat
http://www.sohbetli.com
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 12:04 PM by Sohbet
Thank You http://www.sohbetli.com
http://www.sohbetli.com
(y KeFeN_____ )
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 12:05 PM by Sohbet
Thank You http://www.sohbetli.com
http://www.sohbetli.com
(y KeFeN_____ )
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 12:05 PM by Sohbet
Thank You http://www.sohbetli.com
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 12:06 PM by Sohbet
Thank You http://www.sohbetli.com
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 12:06 PM by Sohbet
http://www.sohbetli.com
# re: Filtering SQL injection from Classic ASP
Wednesday, December 17, 2008 8:31 PM by laptop battery
My preference for submission software is articlespostrobot.com because of the many features and the fact I dont
have to enter in capachas I can just set and walk away
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 2:15 AM by mirc
Thanks.
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 3:34 AM by SesliCity
Sesli Sohbet,Kamerali Chat,Sesli Siteler,Sesli Chat
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 6:56 AM by servet duman
cam balkon

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 70 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, December 18, 2008 6:58 AM by pendikbilisim
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 6:59 AM by ekscambalkon
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 2:26 PM by chat
thank you <a href="http://www.trstar.net">Chat</a>
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 6:57 PM by indir
thanks you good
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 7:00 PM by indir
Sesli Sohbet,Kamerali Chat,Sesli Siteler,Sesli Chat
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 7:00 PM by sohbet
thanks you good
# re: Filtering SQL injection from Classic ASP
Thursday, December 18, 2008 7:01 PM by sohbet
thanks good beatiful ..
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 7:40 AM by mrc,mirc
thanks.
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:11 AM by chat
chat, sohbet
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:12 AM by chat
chat
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:13 AM by chat
sohbetci
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:14 AM by chat
arthur
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:15 AM by sohbet
zodiack
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:17 AM by sohbet odalar
marcz
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:18 AM by sohbet odalar
sohbet odalar
#re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:18 AM by sohbet

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 71 of 130

sohbet39
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 9:19 AM by sohbet odalar
sohbet
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 11:02 AM by hekimboard
thanks a lot.
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 1:47 PM by sohbet
thanks <a href="http://www.trtsar.net" title="chat, sohbet chat">sohbet odalari</a>
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 1:50 PM by chat
thnakss
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 1:51 PM by chat
tk..
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 1:51 PM by sohbet odalari
tkanss
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 6:44 PM by alcak
thanks yourss...
# re: Filtering SQL injection from Classic ASP
Friday, December 19, 2008 7:01 PM by tv izle
thanks yourss
# How IIS can help with SQL Injection
Saturday, December 20, 2008 12:48 AM by Wade Hilmo
2008 has been a busy year for attackers exploiting SQL Injection vulnerabilities in web applications
# re: Filtering SQL injection from Classic ASP
Saturday, December 20, 2008 9:06 AM by dizi izle
thanks
<a href="http://www.dizifrm.com" title="diziizle, dizi" target="_blank">dizi izle</a><a
href="http://www.diziizle.gen.tr" title="diziizle, dizi" target="_blank">dizi izle</a>
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 8:23 AM by superalem
thanks you.
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 8:24 AM by superalem
thnaks :)
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 9:13 AM by sohbet
thnakx lol
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 9:14 AM by sohbet
http://www.yazilisohbet.net
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 11:31 AM by mirc
Thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 72 of 130

<a href="http://www.mirc.in" title="trke mir, mirc ykle, mrc sohbet, mirc script, sohbet script, mir, mrc, mr,
mirc indir">mirc</a>
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 12:06 PM by sohbet
sohbet thanx
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 12:06 PM by sohbet
thanx
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 12:27 PM by chat
Thanks..
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 6:51 PM by ssk sorgulama
see you later
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 7:04 PM by sohbet odalar
thanks you..
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 8:32 PM by kelebek script
thanks you .
# re: Filtering SQL injection from Classic ASP
Sunday, December 21, 2008 9:06 PM by Orjinal Lida
thank you lida
# Filtering for SQL Injection on IIS 6 and earlier
Monday, December 22, 2008 5:50 AM by iis
This article is specific to IIS 6 and earlier. If you are using IIS 7.0 or later, please see this article
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 5:54 AM by son dakika haber
thanks
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 7:12 AM by cam balkon
see you later
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 7:12 AM by cam balkon
see you later
thankss.. youu alte
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 8:40 AM by ssk sorgulama
see you later tanx admin
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 11:03 AM by Chat
http://www.sohbetli.com
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 11:49 AM by sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 7:01 PM by Orjinal Lida
thank you orjinal lida

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 73 of 130

# re: Filtering SQL injection from Classic ASP

Monday, December 22, 2008 7:02 PM by Lida
thank you baby
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 7:34 PM by haitia
eis.
# re: Filtering SQL injection from Classic ASP
Monday, December 22, 2008 7:35 PM by Sohbet odalar
thank`s
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 12:55 AM by dll ocx
thanks.after we know about sql injection,lots repeat work to do.
but this will be helpful.
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 3:19 AM by Cevap
you have a site that gets better with content, then such a dynamic will really do wonders for you and for those you
cater to.
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 7:51 AM by EKS CAM BALKON
Cam balkon bizim iimiz.Uzman kadromuz ve hizmetimizle bir numarayz...
0216 517 22 16 EKS CAM BALKON
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 8:09 AM by EKS CAM BALKON
stn kalitemiz ve personelimizle hizmetinizdeyiz..
EKS CAM BALKON
0216 517 22 16
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 8:10 AM by EKS CAM BALKON
stn kalitemiz ve personelimizle hizmetinizdeyiz..
EKS CAM BALKON
0216 517 22 16
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 8:22 AM by EKS CAM BALKON
stn kalitemiz ve personelimizle hizmetinizdeyiz..
EKS CAM BALKON
0216 517 22 16
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 2:54 PM by sohbet
Thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 2:55 PM by sohbet
Thanks...
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 2:55 PM by sohbet
Thanks...
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 2:57 PM by sesli Chat
Sesli Chat
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 74 of 130

Tuesday, December 23, 2008 3:36 PM by chat

thanks you
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 3:55 PM by chat
thanks you eweel
# re: Filtering SQL injection from Classic ASP
Tuesday, December 23, 2008 6:14 PM by Chat
this asp code change php ?
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 5:38 AM by Chat sohbet
Excellent Gallery!!
Thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 8:39 AM by muhabbet
Thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 8:40 AM by muhabbet
Thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 8:59 AM by Mrc
Thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 10:12 AM by trke mirc
nice letter thanx man.
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 10:57 AM by tuba bykstn
thanks yahu
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 1:22 PM by chat
Thanks Admin
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 1:23 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 24, 2008 11:01 PM by sesli sohbet
thanks good method
# re: Filtering SQL injection from Classic ASP
Thursday, December 25, 2008 4:37 AM by gzel szler
thanks admin good very very nice
# re: Filtering SQL injection from Classic ASP
Thursday, December 25, 2008 7:19 AM by sohbet
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk sorgulama</a>
tanx see you later
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 3:50 AM by seslichat
thank you :)
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 3:51 AM by seslichat

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 75 of 130

thank you...
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 9:30 AM by Rap
thanks a lot...
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 11:52 AM by muhabbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 11:52 AM by muhabbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 11:53 AM by muhabbet
thanks a lot
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 11:55 AM by web tasarm
thanks.
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 11:59 AM by web tasarm
thanks
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 12:02 PM by web tasarm
thanks for you.
# re: Filtering SQL injection from Classic ASP
Friday, December 26, 2008 2:43 PM by et
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 3:24 AM by komedi
Thanks canm
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 9:47 AM by et
Took notice of this thing and really excited about the outcomes.
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 12:13 PM by SOHBET
thanks you wery much admns WELCOME....
caglar
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 12:35 PM by chat
thanks you admin
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 12:35 PM by chat
thanks you admin
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 12:36 PM by chat
thanks you admin
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 12:36 PM by chat
saol a..q

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 76 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, December 27, 2008 3:39 PM by et
Great article My preference for submission software is articlespostrobot.com because of the many features and
the fact I dont have to enter in capachas I can just set and walk away.
# re: Filtering SQL injection from Classic ASP
Saturday, December 27, 2008 3:41 PM by et
thanks for everthing..
# re: Filtering SQL injection from Classic ASP
Sunday, December 28, 2008 11:13 AM by CHAT
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, December 28, 2008 5:01 PM by mine
thanks adminn
# re: Filtering SQL injection from Classic ASP
Monday, December 29, 2008 4:51 AM by what
Thanks <a href="http://www.moralsiz.com">moralsiz</a><a href="http://www.modifiyex.net">modifiye</a>
# re: Filtering SQL injection from Classic ASP
Monday, December 29, 2008 4:52 AM by what
Thanks. <a href="http://www.modifiyex.net">modifiye</a><a href="http://www.moralsiz.com">moralsiz</a>
# re: Filtering SQL injection from Classic ASP
Monday, December 29, 2008 4:53 AM by moralsiz
http://www.modifiyex.net
# re: Filtering SQL injection from Classic ASP
Monday, December 29, 2008 9:38 AM by sava oyunlar
have followed your writing for a long time.really you have given very successful information.
In spite of my english trouale,I am trying to read and understand your writing.
And am following frequently.I hope that you will be with us together with much more scharings.
I hope that your success will go on.
# Filtering SQL injection from Classic ASP &laquo; Aspwebhosting&#8217;s Blog
Monday, December 29, 2008 9:51 PM by Filtering SQL injection from Classic ASP Aspwebhostings Blog
Pingback from Filtering SQL injection from Classic ASP &laquo; Aspwebhosting&#8217;s Blog
# re: Filtering SQL injection from Classic ASP
Tuesday, December 30, 2008 3:14 AM by film izle
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, December 30, 2008 6:20 AM by ssk sorgulama
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk sorgulama</a>
tanx see you later
# re: Filtering SQL injection from Classic ASP
Tuesday, December 30, 2008 10:21 AM by
thanks so much/.
# re: Filtering SQL injection from Classic ASP
Tuesday, December 30, 2008 11:17 AM by SoHBeT
tertip eyw saol vallaha makbule girdi :D
# re: Filtering SQL injection from Classic ASP
Tuesday, December 30, 2008 4:50 PM by SELECT <script
SELECT <script
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 77 of 130

Tuesday, December 30, 2008 5:14 PM by Resimler

thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, December 30, 2008 5:14 PM by Resimler
thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 6:22 AM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:36 AM by sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:37 AM by sohbet
thankS
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:37 AM by sohbet
thankS
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:39 AM by sohbet
thankS babby
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:40 AM by sohbet
thanKS babby
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:43 AM by Sohbet
thank's and happy new year
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 7:44 AM by Sohbet Chat
thank's and happy new year
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:25 AM by Sohbet
thank you are you wery comed baby :D
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 2:53 PM by seslisohbet
alfanso1976: BLYORUM
alfanso1976: KARDE
#re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 2:53 PM by seslisohbet
alfanso1976: BLYORUM
alfanso1976: KARDE
alfanso1976: BZDE ZEL YOKK
alfanso1976: ZATEN
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 5:58 PM by what seo asp
what asp seo net ?
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:01 PM by okey oyna
thank's and happy new year

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 78 of 130

# re: Filtering SQL injection from Classic ASP

Wednesday, December 31, 2008 9:02 PM by bedava okey oyna
thank's and happy new year
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:32 PM by tahsin
Sohbet Et
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:33 PM by tahsin
Sohbet Et
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:34 PM by Sohbet Et
Sohbet Et
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:35 PM by Kiralk Bobcat
Kiralk Bobcat
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:35 PM by Kiralk 1cx
Kiralk 1cx
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:36 PM by Mini Yukleyici
Mini Yukleyici
# re: Filtering SQL injection from Classic ASP
Wednesday, December 31, 2008 9:38 PM by kiralk 1cx
Kiralk 1cx
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 5:04 AM by dizi izle
www.lider-blog.blogspot.com
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 5:04 AM by dizi izle
saolmuc
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 6:41 AM by Limewire
thank you...very very good!
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 9:13 AM by sohbet odalar
thanks you sites
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 9:14 AM by okey oyna
mrci
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 9:14 AM by chat
kabul etsene amk :DS
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 9:14 AM by okey oyna
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 9:14 AM by chat
kabul etsene amk :DS

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 79 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, January 01, 2009 10:58 AM by mammed
<a href="http://www.sohbeta.net" title="sohbet, chat, mardin">sohbet</a> <a href="http://www.sohbeta.net" title="chat, sohbet, mardin">chat</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 11:35 AM by battery
http://www.batteryfast.co.uk/
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 11:36 AM by battery
http://www.batteryfast.co.uk/
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 12:55 PM by IRCask.Com
<a href="http://www.ircask.com" title="Sohbet, Chat, Sohbet odalar" target="_blank">Sohbet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 12:57 PM by IRCask.Com
<a href="http://www.ircask.com" title="Sohbet, Chat, Sohbet odalar" target="_blank">Sohbet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 1:41 PM by muhabbet
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 1:41 PM by muhabbet
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:00 PM by Sohbet
thanks..
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:01 PM by Sohbet
its good i will use it thanks a lot.
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:02 PM by yonja
its good i will use it thanks a lot.
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:02 PM by yonja
nice gallery very wonderfull
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:05 PM by yonja
thank you admin.
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:06 PM by sohpet
thank you.
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:12 PM by sohpet
thank you my admin . (:
# re: Filtering SQL injection from Classic ASP
Thursday, January 01, 2009 4:13 PM by chat
thak you.
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 80 of 130

Friday, January 02, 2009 3:40 AM by ilker

<a href="http://www.turkarkadas.de" title="trkarkada" target="_blank">trkarkada</a>
# re: Filtering SQL injection from Classic ASP
Friday, January 02, 2009 3:40 AM by turkarkadas
thankss forr com
# re: Filtering SQL injection from Classic ASP
Friday, January 02, 2009 5:04 AM by sohbet
thanksssssssss
# re: Filtering SQL injection from Classic ASP
Friday, January 02, 2009 6:15 AM by gzel szler
thankss youuu sevdacafem
# re: Filtering SQL injection from Classic ASP
Friday, January 02, 2009 8:09 PM by bizimlesohbet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 02, 2009 8:09 PM by bizimlesohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 5:37 AM by SesliCity
Sesli Sohbet
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 7:50 AM by dizi izle
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 7:50 AM by dizi izle
thanks..
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:44 AM by chat
thansk you
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:45 AM by sohbet odalari
kabul etseneee
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:50 AM by iir
<a href="http://www.siirbahcesi.net" rel="nofollow">siir</a>
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:51 AM by iir
thank you.
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:51 AM by iir
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:52 AM by siir
thank you.
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 9:52 AM by siir
Thanks for sharing your feedback! If your feedback doesn't appear right away, please be patient as it may take a
few minutes to publish.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 81 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, January 03, 2009 9:54 AM by okey indir
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 11:57 AM by sohbet siteleri
<a href="www.beyzam.net">seviyeli sohbet</a>
<a href="www.chatnur.com">seviyeli chat</a>
thanks for the info
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 1:29 PM by SohbeT
Saol Canm benim
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 6:08 PM by sohbet
thanks you
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 6:12 PM by sohbet
This issue is very job came in handy thank you. Well done..
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 7:39 PM by spor haberleri
best regards
# re: Filtering SQL injection from Classic ASP
Saturday, January 03, 2009 7:50 PM by sohbet
thankss...
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 6:28 AM by ftkehliyet
thanks alot
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 6:29 AM by ftkehliyet
very good
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 7:43 AM by sohbet odalari
thansk you sites mcx
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 10:39 AM by dizi izle
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 10:39 AM by dizi izle
thanks very beauiful site
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 10:56 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 10:56 AM by spor haberleri
thanks very beauiful site
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 11:39 AM by spor haberleri
thanks admin...
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 82 of 130

Sunday, January 04, 2009 1:19 PM by film izle

thanks very nice web site..
# re: Filtering SQL injection from Classic ASP
Sunday, January 04, 2009 1:20 PM by film izle
thanks very nice web site ...
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 1:44 PM by hosting
thank you very much
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 1:44 PM by hosting
thank you ver much
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 3:17 PM by kzlk zar
thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 3:47 PM by ssk sorgulama
tanx see you later
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 3:48 PM by ssk sorgulama
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk sorgulama</a>
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 3:57 PM by turkchat
thanks you..
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 6:29 PM by sohbet
my no asp web site :(
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 10:13 PM by Sohbet
thanks a lot very good Yes Thats is a good hit
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 10:13 PM by Sohbet
thx
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 10:17 PM by Sohbet
thx
# re: Filtering SQL injection from Classic ASP
Monday, January 05, 2009 10:29 PM by sohbet odalari
thanks for the info
# re: Filtering SQL injection from Classic ASP
Tuesday, January 06, 2009 12:07 PM by sohbet odalar
<a href="http://www.sohbet39.com" title="Sohbet, Sohbet odalar" target="_blank">sohbet odalar</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, January 06, 2009 12:08 PM by sohbet odalar
<a href="http://www.sohbet39.com" title="Sohbet, sohbet odalar" target="_blank">Sohbet odalar</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, January 06, 2009 4:07 PM by Sevgi
ThanX For Admin

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 83 of 130

# re: Filtering SQL injection from Classic ASP

Wednesday, January 07, 2009 3:59 AM by Estetik
a href="http://www.buruncerrahisi.com" title="Burun Estetii" target="_blank">Burun Estetii Ameliyatlar</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, January 07, 2009 9:07 AM by sohbet
This issue is very job came in handy thank you. Well done..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 07, 2009 9:37 AM by trke mirc
nice letter thanx man ;)
# re: Filtering SQL injection from Classic ASP
Wednesday, January 07, 2009 10:49 AM by fatih
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, January 07, 2009 10:52 AM by EKS CAM BALKON
stn kalitemiz ve personelimizle hizmetinizdeyiz..
EKS CAM BALKON SSTEMLER
0216 517 22 16
# re: Filtering SQL injection from Classic ASP
Wednesday, January 07, 2009 12:12 PM by kelebek
thanks you.AnarChy
# re: Filtering SQL injection from Classic ASP
Wednesday, January 07, 2009 1:51 PM by video klip
***
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 08, 2009 6:20 AM by ssk sorgulama
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk sorgulama</a>
tanx see you later
# re: Filtering SQL injection from Classic ASP
Thursday, January 08, 2009 11:36 AM by Sohbet Chat Sohbet Et
<a href="www.sohbetinadi.com/">Sohbet Chat Sohbet Et</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 08, 2009 11:38 AM by tahsin
<a href="www.sohbetinadi.com/">Sohbet Chat Sohbet Et</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 08, 2009 6:28 PM by kelebek
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 08, 2009 6:45 PM by kelebek
Thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 6:00 AM by bizimlesohbet
Thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 6:02 AM by bizimlesohbet
ThanX For Admin.
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 9:43 AM by SohbetX

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 84 of 130

<a href="http://www.sohbetx.com">sohbet odalar</a>

<a href="http://www.cafemirc.com">mirc</a>
thanks my friend..
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 9:44 AM by SohbetX
<a href="http://www.sohbetx.com">sohbet odalar</a>
<a href="http://www.cafemirc.com">mirc</a>
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 11:06 AM by battery
http://www.batteryfast.com/
http://www.batteryfast.co.uk/
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 11:19 AM by battery
http://www.batteryfast.com/
http://www.batteryfast.co.uk/
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 12:36 PM by cet
thanks you
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 4:25 PM by msn avatarlar
good article thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 09, 2009 5:48 PM by mirc
mirc,mrc,mirc indir, mirc yukle
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 5:16 AM by mirc
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 7:01 AM by mirc
mirc mrc mir www.mirckolik.net
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 7:19 AM by sohbet
sohbet mirc thanx
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 7:21 AM by sohbet
than you feedback
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 7:21 AM by sohbet
www.sanalmirc.com
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 8:27 AM by iir
http://www.siirbahcesi.net/
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 8:28 AM by siir
http://www.siirbahcesi.net/
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 8:29 AM by siir
thank you...very very good!

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 85 of 130

# re: Filtering SQL injection from Classic ASP

Saturday, January 10, 2009 1:08 PM by netlog
netlog
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 1:09 PM by netlog
<a href="http://www.netyap.com" title="netlog" target="_blank">netlog</a>
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 1:11 PM by netlog
thanks you
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 1:12 PM by turk chat
thanks you
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 1:13 PM by turkchat
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 1:13 PM by turkchat
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 3:28 PM by Cet
thank you..
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 3:28 PM by Cet
thank you..
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 3:50 PM by cam balkon
thank you...
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 4:19 PM by lig tv
www.avrupachat.net
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 4:21 PM by lig tv
http://www.avrupachat.net
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 4:21 PM by lig tv
http://www.avrupachat.net
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 4:22 PM by lig tv
http://www.avrupachat.net
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 5:05 PM by bizimlesohbet
Way to spread the FUD, Joseph. How about pulling your head out of the sand and moving on with life
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 5:05 PM by bizimlesohbet
Way to spread the FUD, Joseph
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 5:11 PM by gney evciman
ofis mobilya bro mobilyaofis mobilyas

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 86 of 130

#re: Filtering SQL injection from Classic ASP

Saturday, January 10, 2009 5:12 PM by gney evciman
ofis mobilya
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 6:44 PM by oyun
have followed your writing for a long time.really you have given very successful information.
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 9:51 PM by ben
Dost mIRC edebiyat siir hikaye sarki turku sair ruya tabirleri guzel sozler anlamli sozler youtube izlesene video
sevgi halk turkuleri halk siirleri halk ozanlari ahmed arif yunus emre mevlana attila ilhan yilmaz erdogan ahmet
kaya necip fazil mehmet akif cemal sureya edip cansever sunay akn can yucel can dundar
www.Dostyakasi.com
www.dostyakasi.net
www.turku.tk
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 9:52 PM by ben
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 9:52 PM by ben
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 10, 2009 10:19 PM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 6:22 AM by iphone
Thank you very much for this information. I like this site
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 7:43 AM by sohbet odalar
Thanks for the great work. !
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 8:48 AM by turkchat
<a href="http://www.netyap.com" title="turkchat" target="_blank">turkchat</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 8:49 AM by turkchat
turkchat
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 8:52 AM by netlog
netlog
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 9:07 AM by chat siteleri
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 11:33 AM by Rusya
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 1:39 PM by chat
thanks you sites
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 1:40 PM by chat

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 87 of 130

thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 9:56 PM by sohbet odalar
thank you
# re: Filtering SQL injection from Classic ASP
Sunday, January 11, 2009 9:56 PM by sohbet odalar
thanks you sites
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 4:27 AM by oto kiralama
thanks you sites
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 4:56 AM by mirc
mirc, mrc
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 5:40 AM by chat
This is an impressive list, I cannot believe there are sites here I have never heard of. Some of them have some of
the best resources I have seen in a while.
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 5:41 AM by chat
thanks you four
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 6:49 AM by isil islem
veryy good.
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 8:31 AM by dizi izle
thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 8:32 AM by dizi izle
great website thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 3:25 PM by chat
thx. man kissed you.
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 4:00 PM by ssk
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk</a>
tanx see you later
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 5:55 PM by chat
Sesli Chat Sohbet <a target="_blank" href="www.cfhaber.com/.../a>
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 8:45 PM by ahmed arif
thanks admin
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 10:40 PM by Sohpet
thanks admin
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 10:44 PM by Sohpet
thank you . . .

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 88 of 130

# re: Filtering SQL injection from Classic ASP

Monday, January 12, 2009 11:16 PM by Chat
Thanks you for sharing..
# re: Filtering SQL injection from Classic ASP
Monday, January 12, 2009 11:17 PM by Chat
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 3:48 AM by trke mirc
i dont like asp. think forewr PHP.
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 5:26 AM by oyun oyna
thanks this post guyss
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 5:28 AM by oyun oyna
Nazim's IIS Security Blog
All things security ...
Sign in | Join | Help Home RSS Atom Comments RSS
Search
Tags
IIS6 IIS7 IPv6 RequestFiltering SQL injection UrlScan Windows Security
Navigation
Home
Get Started
Learn
Downloads
Blogs
Forums
Archives
October 2008 (2)
August 2008 (1)
June 2008 (4)
May 2008 (1)
April 2008 (2)
Filtering SQL injection from Classic ASP
SQL injection may be over a decade old, but even the best of us need a reminder once in a while. You should
always validate input to your applications! There isnt a one size fits all solution to sanitizing input, so I will
attempt to show what a general solution might look like for classic ASP (using VBScript). Remember, you need to
keep in mind the specifics of your web application and add/remove things in the sample accordingly. So even
though I am focusing on SQL injection here, input validation needs to be done to even prevent cross-site scripting
attacks, among others. Check this article on how to prevent XSS to give you an idea of other sorts of validation
that would need to be done on user input to secure a web application. If you are looking for something for
ASP.NET check out this post from Stefan on the ASP.NET team.
Now that UrlScan v3.0 (x86, x64) is out I would highly recommend using that instead of this script. There is also a
walk-through for it on implementing SQL injection blocking configuration.
Please note:
The purpose of this sample is to get folks off the ground and up and running. This is not intended to be a longterm solution to solving SQL injection attacks against your application. Using black lists like in the sample tend to
give a lot of false positives that make many applications unusable. Increasing complexity in the list to avoid this
leads to performance issues. Also, such simplistic signatures can be worked around by determined hackers.
Consider UN/**/ION for example.
You want to use white lists and rules to sanitize input. You should restrict your web application to using stored
procedures and calling them using parameterized SQL APIs.
The way this sample is constructed is that I have a script that checks certain inputs against a black list of strings,
and if I find a match I redirect to an error page. This script can then be included into all public facing application
scripts that process user input. There are 3 pieces to this solution: the script with the filtering logic, a sample
application that will include the filtering script and an error page we would forward to. I have added comments to
the scripts themselves, so you have the reminders in front of you. Several folks asked about a send email script,
so I have included a sample script for that as well. You will need to incorporate it into your application
appropriately. Make sure you read the comments in the code as well for all the assumptions. The right way to do
db access from web applications is to use parameterized SQL. Check out Neil Carpenter's blog here on what this
looks like.
SqlCheckInclude.asp

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 89 of 130

This is the code that does the main filtering. Copy the code below into an ASP file and modify according to your
needs. The main things you need to add/modify for your needs are the BlackList array and the ErrorPage you
want to forward to. Deploy this file in a location that will be accessible to all your web applications. Make sure that
the path to your error page is correct. Use a full path here if possible, since this code will get included into
several applications that may all reside in different physical directories.
<%
' SqlCheckInclude.asp
'
' Author: Nazim Lala
'
' This is the include file to use with your asp pages to
' validate input for SQL injection.
Dim BlackList, ErrorPage, s
'
' Below is a black list that will block certain SQL commands and
' sequences used in SQL injection will help with input sanitization
'
' However this is may not suffice, because:
' 1) These might not cover all the cases (like encoded characters)
' 2) This may disallow legitimate input
'
' Creating a raw sql query strings by concatenating user input is
' unsafe programming practice. It is advised that you use parameterized
' SQL instead. Check support.microsoft.com/.../q164485 for information
' on how to do this using ADO from ASP.
'
' Moreover, you need to also implement a white list for your parameters.
' For example, if you are expecting input for a zipcode you should create
' a validation rule that will only allow 5 characters in [0-9].
'
BlackList = Array("--", ";", "/*", "*/", "@@", "@",_
"char", "nchar", "varchar", "nvarchar",_
"alter", "begin", "cast", "create", "cursor",_
"declare", "delete", "drop", "end", "exec",_
"execute", "fetch", "insert", "kill", "open",_
"select", "sys", "sysobjects", "syscolumns",_
"table", "update")
' Populate the error page you want to redirect to in case the
' check fails.
ErrorPage = "/ErrorPage.asp"
'''''''''''''''''''''''''''''''''''''''''''''''''''
' This function does not check for encoded characters
' since we do not know the form of encoding your application
' uses. Add the appropriate logic to deal with encoded characters
' in here
'''''''''''''''''''''''''''''''''''''''''''''''''''
Function CheckStringForSQL(str)
On Error Resume Next
Dim lstr
' If the string is empty, return true
If ( IsEmpty(str) ) Then
CheckStringForSQL = false
Exit Function
ElseIf ( StrComp(str, "") = 0 ) Then
CheckStringForSQL = false
Exit Function
End If
lstr = LCase(str)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 90 of 130

' Check if the string contains any patterns in our

' black list
For Each s in BlackList
If ( InStr (lstr, s) <> 0 ) Then
CheckStringForSQL = true
Exit Function
End If
Next
CheckStringForSQL = false
End Function
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Check forms data
'''''''''''''''''''''''''''''''''''''''''''''''''''
For Each s in Request.Form
If ( CheckStringForSQL(Request.Form(s)) ) Then
' Redirect to an error page
Response.Redirect(ErrorPage)
End If
Next
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Check query string
'''''''''''''''''''''''''''''''''''''''''''''''''''
For Each s in Request.QueryString
If ( CheckStringForSQL(Request.QueryString(s)) ) Then
' Redirect to error page
Response.Redirect(ErrorPage)
End If
Next
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Check cookies
'''''''''''''''''''''''''''''''''''''''''''''''''''
For Each s in Request.Cookies
If ( CheckStringForSQL(Request.Cookies(s)) ) Then
' Redirect to error page
Response.Redirect(ErrorPage)
End If
Next
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Add additional checks for input that your application
' uses. (for example various request headers your app
' might use)
'''''''''''''''''''''''''''''''''''''''''''''''''''
%>
TestPage.asp
This is a sample that shows how to include the script above in my application. Make sure the path to your
include file is correct. The example below is for the application and the include file being in the same directory.
Make sure you modify the path if these 2 are not in the same directory.
<%
' TestPage.asp
'
' Author: Nazim Lala
'
' This is a file to test the SQLCheckInclude file. The idea here is that you add
' the include file to the beginning of every asp page to get SQL injection
' input validation
%>

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 91 of 130

<!--#include file="SqlCheckInclude.asp"-->
<%
Response.Write("Welcome to the Test Page.")
Response.Write("If you are seeing this page then SQL validation succeeded.")
%> ErrorPage.asp
If a black list string is found in any input, this is the page you will be forwarded to. You can reuse any custom
error page that you already have for this. I am including this only for the sake of completeness.
<%
' ErrorPage.asp
'
' Author: Nazim Lala
'
' This is the error page that users will be redirected to if the input cannot
' be validated
%>
<%Response.Write("ERROR: Invalid Input")%>
SendEmail.asp
This script sends email via a remote SMTP server that uses credentials. You will need to integrate this into your
application at the right place to get error reporting via email.
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 8:18 AM by freefilmx
film izle
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 8:20 AM by pendiksecim
http://www.pendikdesecim.com
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 8:21 AM by ucaydogalgaz
dogalgaz kombi
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 8:22 AM by pendiksecim
secim anket
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 8:23 AM by ftk cambalkon
cam balkon sis
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 8:25 AM by pendik bilisim
bilisim bilgisayar
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:17 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:24 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:24 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:24 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:24 AM by sohbet

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 92 of 130

i like that thanks..

# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:24 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:25 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 3:00 PM by video izle
Thank you web admin super blog very good
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 5:16 PM by sohbet
Thanks by admin
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 5:17 PM by sohbet
Thanks By admin
# re: Filtering SQL injection from Classic ASP
Tuesday, January 13, 2009 11:03 PM by muhabbet
iis admin thnks for this post ..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 14, 2009 12:08 AM by et
ya lm ya sen ..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 14, 2009 12:10 AM by sohbet
so thnx ..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 14, 2009 12:10 AM by sohbet
so thnx ..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 14, 2009 10:27 AM by EKS CAM BALKON SSTEMLER
cam balkon, katlanan cam, katlanabilir cam, srme cam
# re: Filtering SQL injection from Classic ASP
Wednesday, January 14, 2009 6:51 PM by cam balkon
its so confused
# re: Filtering SQL injection from Classic ASP
Wednesday, January 14, 2009 7:12 PM by film izle
thanks desem bi kere verirmisin ? :D
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 5:49 AM by oyun oyna
thanks for this post
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 5:49 AM by oyun oyna
thanks for this post
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 5:50 AM by oyun oyna
The list of strings I have put up is only a sample. I am aware that you will get false positives with it. If you look at
the comments in the scripts it will give you some suggestions around this. Do note that this is a quick fix to get
you up and running. What you really want to do is use a combination of whitelist/blacklist along with
parameterized SQL.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 93 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, January 15, 2009 6:34 AM by selamlar
<a href="http://www.motokolik.com" title="motosiklet, motorsiklet" target="_blank">motorsiklet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 6:37 AM by zalim
<a href="http://www.motokolik.com" title="motosiklet, motorsiklet" target="_blank">motorsiklet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 6:48 AM by motosiklet
<a href="http://www.motokolik.com" title="motorsiklet" target="_blank">motorsiklet</a>
<a href="http://www.motokolik.com" title="motosiklet" target="_blank">motosiklet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 6:50 AM by zalim
<a href="http://www.motokolik.com" title="motosiklet" target="_blank">motosiklet</a>
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 7:40 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 7:42 AM by sohbet
thanks .......
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 7:43 AM by sohbet
thanksss.......
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 7:53 AM by cem
thank you vshare
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 1:48 PM by sohbet
thanks owner
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 1:48 PM by sohbet
thansk admin
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 1:49 PM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 2:26 PM by Sohbet odalar
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 2:27 PM by Sohbet odalar
Thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 9:15 PM by turkchat
thansk
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 9:16 PM by turkchat
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 9:17 PM by netlog

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 94 of 130

thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 9:18 PM by netlog
thansk
# re: Filtering SQL injection from Classic ASP
Thursday, January 15, 2009 10:33 PM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 4:35 AM by Sohbet odalar
Thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 6:02 AM by Tfaresi
<a href="http://www.akar.gs" title="akar, web dizini, web dizinleri, cretsiz, kodsuz, link ekle" >Web Dizinleri</a>
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 6:03 AM by oyun oyna
thansk for this post
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 6:03 AM by oyun oyna
thansk for this post
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 6:04 AM by oyun oyna
thanks for all
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 6:04 AM by oyun oyna
thanks for all
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 9:04 AM by www.uyurgezer.net
This doesn't solve SQL injection attacks.
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 10:38 AM by Jirka jr.
Input will be enclosed in single quotes in SQL query, because it is string. Isn't it enough to replace each single
quote with two single quotes?
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 5:25 PM by Netlog
Hello Thanks ..!
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 5:27 PM by Netlog
thankss
# re: Filtering SQL injection from Classic ASP
Friday, January 16, 2009 5:28 PM by Netlog
??????
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 8:54 AM by Netlog
very goood !
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 10:14 AM by trke mIRC indir
Thankss
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 95 of 130

Saturday, January 17, 2009 1:53 PM by ibrahim

www.rapzone.biz rap dinle rap indir hip hop dinle rap dinle trke rap dinle
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:03 PM by alcak
thanks yours.. http://www.wholetv.com live tv online
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:04 PM by whole
thanks yourss
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:13 PM by islamiote
Hello Thanks ..!
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:39 PM by kaan
thanks admin ;)
http://eftelya.org
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:40 PM by Anzele
Thank you for
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:41 PM by anzele
Thank you for
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:47 PM by deneme
Im using the Thesis theme with Wordpress, and have installed the Subscribe to Comments plug-in, but I do not
get any prompt/checkbox to Notify me of follow-up comments via e-mail.
.<a href = "http://www.diziburda.net>dizi izle</a>
I have tried it with the option both checked and and checked to do a CSS clear on the subscription
checkbox/message (uncheck this if the checkbox/message appears in a strange location in your theme)
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:47 PM by Sohbet
thanks for you.
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:49 PM by Adult
www.adultt.org
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:50 PM by dizi izle
Im using the Thesis theme with Wordpress, and have installed the Subscribe to Comments plug-in, but I do not
get any prompt/checkbox to Notify me of follow-up comments via e-mail.
<a href = "http://www.diziburda.net>dizi izle</a>
I have tried it with the option both checked and and checked to do a CSS clear on the subscription
checkbox/message (uncheck this if the checkbox/message appears in a strange location in your theme)
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:50 PM by dizi izle
Im using the Thesis theme with Wordpress, and have installed the Subscribe to Comments plug-in, but I do not
get any prompt/checkbox to Notify me of follow-up comments via e-mail.
<a href = "http://www.diziburda.net">dizi izle</a>
I have tried it with the option both checked and and checked to do a CSS clear on the subscription
checkbox/message (uncheck this if the checkbox/message appears in a strange location in your theme)
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:51 PM by dizi izle
Im using the Thesis theme with Wordpress, and have installed the Subscribe to Comments plug-in, but I do not
get any prompt/checkbox to Notify me of follow-up comments via e-mail.
.<a href = "http://www.diziburda.net">dizi izle</a>

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 96 of 130

I have tried it with the option both checked and and checked to do a CSS clear on the subscription
checkbox/message (uncheck this if the checkbox/message appears in a strange location in your theme)
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:52 PM by dizi izle
Im using the Thesis theme with Wordpress, and have installed the Subscribe to Comments plug-in, but I do not
get any prompt/checkbox to Notify me of follow-up comments via e-mail.
.<a href = "http://www.diziburda.net">dizi izle</a>
I have tried it with the option both checked and and checked to do a CSS clear on the subscription
checkbox/message (uncheck this if the checkbox/message appears in a strange location in your theme)
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:55 PM by YILDIRAY
thanks you
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:57 PM by download-load
thanks my friend !!
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 5:59 PM by download
thanks man
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 6:01 PM by yutup
internet is very big world and we are small people. thank you very much...
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 6:01 PM by kurtlar vadisi pusu
thanks a lot
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 6:01 PM by yutup
internet is very big world and we are small people. thank you very much...
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 6:06 PM by sedat
very very thanx
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 6:10 PM by sedat
very very thanxxx
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 6:25 PM by umut
Thanks for this goog letter
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 7:14 PM by Dogu
thanks for share .
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 7:20 PM by liseli kzlar
Hello Thanks'SSs
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 7:22 PM by hi5
selammsmss
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 7:23 PM by Sohbet Odas
sohbet odas .. my tarz !!
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 97 of 130

Saturday, January 17, 2009 7:23 PM by Sohbet Odas

sohbet odas .. my tarz !!
# re: Filtering SQL injection from Classic ASP
Saturday, January 17, 2009 8:35 PM by Bakire
ts great thank you
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 2:32 AM by emo forum
thanks admin!
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 5:38 AM by oyun oyna
thanks for this post cool and nice job admin
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 5:38 AM by oyun oyna
thanks for this post cool and nice job admin
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 5:47 AM by et
thank you..
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 6:53 AM by ergin
<a href="http://www.film-yeri.com" title="filim izle,film izle" target="_blank">filim izle</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 6:54 AM by ergin
<a href="http://www.film-yeri.com" title="filim izle,film izle" target="_blank">filim izle</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 6:54 AM by ergin
http://www.film-yeri.com
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 6:55 AM by ergin
<a href="http://www.film-yeri.com" title="filim izle,film izle" target="_blank">filim izle</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 6:56 AM by ergin
<a href="http://www.film-yeri.com" title="filim izle,film izle" target="_blank">filim izle</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 6:57 AM by thank you
thank you
<a href="http://www.film-yeri.com" title="filim izle,film izle" target="_blank">filim izle</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:04 AM by sohbet
Your page is very nice. Thank you for the helpfull information
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:06 AM by Hatay
Thank you for the helpfull information
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:39 AM by bizimlesohbet
nice site thenk you
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:40 AM by bizimlesohbet
Sunday, January 18, 2009 6:56 AM by

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 98 of 130

# re: Filtering SQL injection from Classic ASP

Sunday, January 18, 2009 8:26 AM by cascas
Thanks...
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:11 AM by sohbet siteleri
sohbet siteleri
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:12 AM by turk chat
turk chat
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:13 AM by sohbet siteleri
sohbet siteleri
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:14 AM by sohbet siteleri
sohbet siteleri
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:19 AM by Makina Park
Thank you.
We were trying to figure out what we could do about this and this article was the best by far we found.
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:19 AM by Makina Park
Excellent link.
It really helped me out a lot!
Great article!
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 9:28 AM by trke mIRC indir
Thankss
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 10:26 AM by davut
Tr-bilgi says:thanks
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 10:31 AM by youtube
ty man
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 11:13 AM by yamaha
Nice article, thank you.
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 11:18 AM by oyun indir
thanks for sharing
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 11:22 AM by sohbet-chat
thanks you...
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 11:29 AM by tayland
Great article, thank you.
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 12:52 PM by Bedava
i use php, but i like that.

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official M... Page 99 of 130

# re: Filtering SQL injection from Classic ASP

Sunday, January 18, 2009 3:08 PM by SesliCity
Kamerali Sohbet
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 4:18 PM by Stizz
Thank you.It's very usefull
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 5:39 PM by sohbet
This plugin that i am searching for. thanks!
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:06 PM by root.forumxd
thanks www.forumxd.com
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:07 PM by root.forumxd
thanks www.forumxd.com
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:19 PM by gvenlik sistemleri
useful writing..
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 7:54 PM by tiklanet
Very good. Thanks.
http://www.tiklanet.net
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 8:04 PM by Sohbet Et
<a href="http://www.sohbetinadi.com" title="sohbet, chat, chat sohbet, sohbet chat, sohbet odalar">Sohbet
Et</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 8:06 PM by Chat
thakyuo
www.chatmekani.com
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 8:41 PM by chat
Global chat sites
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 8:42 PM by chat
Global chat sites
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 8:42 PM by chat
Global chat sites
# re: Filtering SQL injection from Classic ASP
Sunday, January 18, 2009 11:10 PM by yalova
thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 2:25 AM by Kevin
Thank you <a href="www.bayanlarvebaylar.com/.../a>
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 5:30 AM by komik
thank you friends

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 100 of 130

# re: Filtering SQL injection from Classic ASP

Monday, January 19, 2009 5:31 AM by komik
thank you friends. i like that. very good
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 5:57 AM by Pcgazete
great website thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 6:19 AM by sohbet odalar
ThankS
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 6:20 AM by sohbet odalari
ThankS
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 12:30 PM by mirc indir
mirc indir
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 12:30 PM by mIRCindir Sohbet
Sohbet ASk Oyun Sevgi
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 12:31 PM by Erkan
mIRCykle mircindir
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 12:32 PM by mircindir
<a href="http://www.bismilsohbet.com" title="mirc indir">mirc indir</a>
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 12:32 PM by Erkan
mIRCykle mircindir indir mIRCykle mircindir indir mIRCykle mircindir indir
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 2:11 PM by tuba bykstn
thnkss
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 2:40 PM by ssk sorgulama
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk</a>
tanx see you later
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 4:06 PM by sohbet
sohbet odalar
#re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 5:33 PM by okey
thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 5:33 PM by okey
thankl
# re: Filtering SQL injection from Classic ASP
Monday, January 19, 2009 6:36 PM by Side , manavgat
thanks but love php so much
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 101 of 130

Monday, January 19, 2009 8:56 PM by Keeley Hazell

Very good. Thanks.
http://www.tiklanet.net
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 3:54 AM by nakliyat
www.kelebeknakliyat.com
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 3:55 AM by nakliyat
Thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 4:23 AM by tuba bykstn
THNKSSS
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 4:24 AM by tuba bykstn
THNKS
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:03 AM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 6:45 AM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 9:49 AM by oyun oyna
thankss for this post admin
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 11:05 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 11:05 AM by sohbet
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 11:23 AM by cam balkon
not working for me
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 2:11 PM by kzlk zar
thanks a lot.
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 2:13 PM by keelley hazell
Very good. Thanks.
http://www.tiklanet.net
<a href="http://www.tiklanet.net">Tikla Net</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 2:13 PM by Oyun
how to <a href="http://www.oyuncambazi.com">Oyun</a>
prevent XSS to give you an idea <a href="http://www.oyuncambazi.com">Oyun</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 2:19 PM by Oyun
The tax package rolled back $12.7 billion <a href="http://www.oyuncambazi.com">Oyun</a>

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 102 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, January 20, 2009 3:18 PM by turkchat
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 4:52 PM by emo
Very good. Thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 4:53 PM by emocular
Very good. Thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:08 PM by emocular
ssssss
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:10 PM by mzik dinle
Thank you admins
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:11 PM by mzik dinle
Thank you admins
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:50 PM by Yemekkeyif
thank You ;)
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:50 PM by lahi Dinle
thank You ;)
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 5:54 PM by lahi Dinle
Thank you admins
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 6:28 PM by hell
welcome to blogosphere Nazim, it's great to have a security-focused blog for IIS!
look: http://www.hell-world.org
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 6:28 PM by hell
welcome to blogosphere Nazim, it's great to have a security-focused blog for IIS!
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 8:14 PM by Sohbet Et
thakyuo
www.sohbetinadi.com
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 8:15 PM by Chat
Havaryuo
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 9:22 PM by sohbet
thanks www.chat34.org
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 9:35 PM by chat
Global <a href="http://www.chatyaptir.com" title="chat" target="_blank">chat</a> sites
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 103 of 130

Tuesday, January 20, 2009 9:35 PM by chat

Global chat sites
# re: Filtering SQL injection from Classic ASP
Tuesday, January 20, 2009 11:27 PM by seks hikayeleri
sekshikayeleri.oexa.net
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 1:11 AM by rzrarti
Thanks for the tip.
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 1:17 AM by seks hikaye
thankss for
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 1:44 AM by almanya chat
Hello !!^==
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 5:31 AM by Oddish
I understand it's just an example, but let's say you try to implement this script on a page that receives a search
form via GET. Some of the blacklisted words can easily be found in a valid search term.
Let's say it's a search on a movie review site and a user searches for "kill bill". The querystring would likely be
something along the lines of "?q=kill%20bill" and this validator would not allow that, am I right?
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 7:13 AM by keeley Hazell
http://www.tiklanet.net
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 7:44 AM by kz oyunlar
thanks..
yes it god
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:02 AM by program ekle
you must created php :S
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:04 AM by web hosting
thank you
http://www.hostingtescil.com
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:07 AM by Netlog
thnq yoU !
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:24 AM by ali
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:24 AM by hikaye
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:24 AM by hikaye
i like that thanks..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 8:25 AM by mirc
thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 104 of 130

# re: Filtering SQL injection from Classic ASP

Wednesday, January 21, 2009 8:42 AM by youtube
Google is and has been a world leader in content caching pretty much since its inception. And unlike Akamai,
AWS,
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 9:41 AM by Chat
thanks..
very god
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 1:58 PM by SOHBET
thanks you wery much admns WELCOME...
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 3:19 PM by burak
thanks a lot
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 3:20 PM by burak
thanks a lot.
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 4:30 PM by sanela
Thank you as
<p><a href="http://sagliklibirhayat.blogspot.com" title="Lida Dai Dai Hua Jiao Nang Seo Yarismasi"
target="_blank">Lida Dai Dai Hua Jiao Nang Seo Yarismasi</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 4:30 PM by 12323
sagliklibirhayat.blogspot.com
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 4:51 PM by Apps Download
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 4:52 PM by Apps Download
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 4:53 PM by chat
nice to meet you!
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 4:53 PM by chat
nice to meet you
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 6:23 PM by zrmbilisim katklar ile 2009 seo yarmas
<a href="http://www.zrmbilisimseoyarismasi.com" title="zrmbilisim katklar ile 2009 seo yarmas"
target="_blank">zrmbilisim katklar ile 2009 seo yarmas</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 6:24 PM by zrmbilisim katklar ile 2009 seo yarmas
<a href="http://www.zrmbilisimseoyarismasi.com" title="zrmbilisim katklar ile 2009 seo yarmas"
target="_blank">zrmbilisim katklar ile 2009 seo yarmas</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, January 21, 2009 6:32 PM by zrmbilisim katklar ile 2009 seo yarmas
thanks!
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 12:05 AM by yemek

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 105 of 130

It isn't as big of a deal at the moment, but it is always good to make sure everyone is aware of this
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 3:36 AM by ekz
Thank you very much for this information
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 5:13 AM by film izle
cok thanks ederim.
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 5:14 AM by film izle
cok thanks ederim.
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 5:14 AM by film izle
cok thanks ederim.
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 9:18 AM by Estetik
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 10:08 AM by oyunlar
A very large collection of free Flash and Java games in numerous categories : arcade flash games, action flash
games, sports flash games, puzzle games ( Numberone Flash Game Site )
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 10:09 AM by oyun
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 10:14 AM by kz oyunlar
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 1:20 PM by sohbet
eyw good thank
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 1:22 PM by mirc
A very large collection of free Flash and Java games in numerous categories : arcade flash games, action flash
games, sports flash games, puzzle games ( Numberone Flash Game Site )
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 1:23 PM by mirc indir
Thanks for sharing your feedback! If your feedback doesn't appear right away, please be patient as it may take a
few minutes to publish - or longer if the blogger is moderating comments
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 1:24 PM by film indir
very good nice galery
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 1:27 PM by divx film indir
owwww yes nice post
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 2:21 PM by kaan
thanks you admin
http://eftelya.org
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 6:10 PM by film izle

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 106 of 130

thanks. beatiful blogs.

# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 7:54 PM by E-okul
it is great sharing. you are perfect coder
# re: Filtering SQL injection from Classic ASP
Thursday, January 22, 2009 8:37 PM by turkchat
Safe search is very important in now a days and thats good yahoo step to introduce safe search technique. It can
build up a good trust between yahoo and users.
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 3:10 AM by Oyunbaz Sorular
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 3:12 AM by Netlog
thankss'Sss
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 4:51 AM by salk
hai i got below error hw to solve it ... i am not a asp programmer ... so pls give ur suggestion to solve it....
Error Type:
Microsoft VBScript runtime (0x800A01F4)
Variable is undefined: 's'
admin/SqlCheckInclude.asp, line 86
www.saglik-sorunlari.net
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 6:50 AM by Calvin
thanks dependent on this OS, why dont you buy it my???
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 7:11 AM by Adult
thacks
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 7:12 AM by bebek oyunlar
thanks very god
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 7:13 AM by Kocaeli
thnkss
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 8:44 AM by sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 8:45 AM by sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 8:52 AM by film izle
sharing for thanks. a lot of writing.
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 8:55 AM by film izle
thnaks.
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 10:04 AM by mirc indir
Nice letter thanx man ;)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 107 of 130

# re: Filtering SQL injection from Classic ASP

Friday, January 23, 2009 10:30 AM by thams
thnaks.
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 10:32 AM by zrmbilisim katklar ile 2009 seo yarmas
Nice letter thanx man ;)
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 12:46 PM by arda turan
thanks man are u crazee ?
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 12:51 PM by car photos
thanks...
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 4:44 PM by www.favoriforum.net 2009 seo yarmas
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 4:52 PM by chat
thank you
# re: Filtering SQL injection from Classic ASP
Friday, January 23, 2009 7:53 PM by mrc
mirc mrc mir
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 5:30 AM by sohbet
sohbet
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 7:21 AM by sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 10:20 AM by oyun oyna
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 10:22 AM by oyun oyna
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 10:30 AM by chat
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 10:43 AM by sohbet odalari
thanks..
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 11:05 AM by Sohbet
its good i will use it thanks a lot..
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 11:05 AM by Sohbet
its good i will use it thanks a lot...
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 11:05 AM by yonja

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 108 of 130

its good i will use it thank a lot.

# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 1:46 PM by sohbet
thank's .....
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 1:47 PM by sohbet
thanks man are u crazee ?
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 1:54 PM by SBS Sonular
Thanks for this article.
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 2:27 PM by sohbet odalari
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 3:59 PM by lig tv
www.avrupachat.net
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 4:00 PM by lig tv
thansk
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 7:05 PM by MSN Szleri
thanks for admin
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 7:07 PM by MSN Szleri
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 8:39 PM by samsun
thanks you!
# re: Filtering SQL injection from Classic ASP
Saturday, January 24, 2009 8:40 PM by samsun
thanks yuo admin
# re: Filtering SQL injection from Classic ASP
Sunday, January 25, 2009 7:55 AM by hosting
other than that it has saved my ears and my patience a few times!
# re: Filtering SQL injection from Classic ASP
Sunday, January 25, 2009 10:12 AM by Okey oyna
<a href="http://www.bedavaokey.org" title="Okey Oyna">Okey Oyna</a>
# re: Filtering SQL injection from Classic ASP
Sunday, January 25, 2009 10:13 AM by Okey oyna
Thakns..
# re: Filtering SQL injection from Classic ASP
Sunday, January 25, 2009 3:39 PM by sohbet
kenthaber
# re: Filtering SQL injection from Classic ASP
Sunday, January 25, 2009 3:39 PM by besiktas
besiktas
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 3:33 AM by film izle

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 109 of 130

thanks
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 6:25 AM by asdas
<a title="sagopa" href="http://rap.hiphopwars.net">sagopa</a>
<a title="ceza arklar" href="http://www.hiphopwars.net">ceza arklar</a>
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 7:49 AM by EKS CAM BALKON SSTEMLER
thanks..
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 12:38 PM by ftk
doalgaz blog
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 3:13 PM by sohbet odalar
thanks yours. I just couldnt understan :(
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 3:14 PM by canli tv
thanks live free movies
# re: Filtering SQL injection from Classic ASP
Monday, January 26, 2009 3:14 PM by canli tv
thanks live free movies
# re: Filtering SQL injection from Classic ASP
Tuesday, January 27, 2009 7:44 AM by resim
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, January 27, 2009 7:44 AM by resim
ddgf nh rff hhkcdgh
# re: Filtering SQL injection from Classic ASP
Tuesday, January 27, 2009 4:51 PM by perde
thanks very good
ts lucks thats
# re: Filtering SQL injection from Classic ASP
Tuesday, January 27, 2009 4:53 PM by mike
cool site thank u very much my friend
# re: Filtering SQL injection from Classic ASP
Tuesday, January 27, 2009 7:42 PM by youtube
Very good. Thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, January 27, 2009 7:44 PM by youtube
Very good. Thanks.
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 4:08 AM by bitanem
bitanem sohbet chat cet et bitanem sohbet mirc
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 4:23 AM by Mirc
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 4:46 AM by ssk sorgulama
<a href="http://www.ayrilmaz.net" title="ssk sorgulama" target="_blank">ssk</a>

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 110 of 130

tanx see you later

# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 4:52 AM by http://www.seksmatine.com/
http://www.seksmatine.com/
Thanks.
http://www.seksmatine.com/
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 4:52 AM by http://www.seksmatine.com/
http://www.seksmatine.com/
Thanks.
http://www.seksmatine.com/
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 4:52 AM by http://www.seksmatine.com/
http://www.seksmatine.com/
Thanks.
http://www.seksmatine.com/
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 5:57 AM by chat
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 5:58 AM by chat
<a href="http://www.netyap.com" title="chat" target="_blank">chat</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 5:58 AM by chat
<a href="http://www.netyap.com" title="chat" target="_blank">chat</a>
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 5:59 AM by chat kanallar
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 6:00 AM by chat siteleri
thankss
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 6:00 AM by turkchat
thankss
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 6:09 AM by canl tv
Anyways, this is the plan of Google, to provide Google App Engine storage and bandwidth at near cost price to
any large content providers and content distributors.
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 6:57 AM by seslichat
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 6:57 AM by seslichat
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 9:22 AM by popmundo
<a href="http://www.popmundo.us" title="popmundo" target="_blank">popmundo</a>
<a href="http://www.turkdizin.info" title="trkce dizinler" target="_blank">trke dizin</a>
thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 111 of 130

# re: Filtering SQL injection from Classic ASP

Wednesday, January 28, 2009 12:07 PM by jigolo
thansk men w
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 2:24 PM by mirc indir
Thanks you.
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 2:42 PM by sohbet odalari
thanks for all..
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 3:04 PM by Oyun
thanks from http://www.oyuncambazi.com
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 3:13 PM by ssk sorgulama
tanx see you later
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 3:14 PM by ssk sorgulama
tanx see you later
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 5:36 PM by videolar
teekkrler
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 8:47 PM by mzik dinle
Thank you admins
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 9:38 PM by bilgisayar
thank you very much for content
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 10:10 PM by The Rise Of Rome
Thank you very much. Gy.
# re: Filtering SQL injection from Classic ASP
Wednesday, January 28, 2009 10:18 PM by yalova
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 1:27 AM by Sohbet
Thanks...
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 2:48 AM by www.temastore.net
Thanks...
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 3:11 AM by ali
Thanks....
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 4:07 AM by ev hanimi
thank you great
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 4:48 AM by kz oyunlar
thanks a lot

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 112 of 130

# re: Filtering SQL injection from Classic ASP

Thursday, January 29, 2009 6:15 AM by sohbet odalari
thanks.
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 6:19 AM by adanal
thanks a lot
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 6:20 AM by ok gzel hareketler bunlar
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 6:44 AM by full oyun
thans you my friends
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 6:45 AM by full oyun
thank you
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 9:42 AM by kobracan
thanks a lot mean
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 2:43 PM by [email protected]
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 2:44 PM by [email protected]
thans you my friends
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 2:45 PM by [email protected]
thans you my friends
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 4:18 PM by Brain Cancer
The informations are so lovely and so usefull so thank you very much. Be sure i will use all of them keeping in
my mind.Have a goog luck.
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 4:33 PM by rap dinle
Wordpress is good script but there is some reasons that i dont like it. its very good for blogs but admin panel is
not comfortable...
# re: Filtering SQL injection from Classic ASP
Thursday, January 29, 2009 4:57 PM by Norant
Gracias Amigo. !!!
==========================================================
<%
' SqlCheckInclude.asp
'
' Author: Nazim Lala
'
' This is the include file to use with your asp pages to
' validate input for SQL injection.
Dim BlackList, ErrorPage, s
'
' Below is a black list that will block certain SQL commands and
' sequences used in SQL injection will help with input sanitization

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 113 of 130

'
' However this is may not suffice, because:
' 1) These might not cover all the cases (like encoded characters)
' 2) This may disallow legitimate input
'
' Creating a raw sql query strings by concatenating user input is
' unsafe programming practice. It is advised that you use parameterized
' SQL instead. Check support.microsoft.com/.../q164485 for information
' on how to do this using ADO from ASP.
'
' Moreover, you need to also implement a white list for your parameters.
' For example, if you are expecting input for a zipcode you should create
' a validation rule that will only allow 5 characters in [0-9].
'
BlackList = Array("--", ";", "/*", "*/", "@@", "@",_
"char", "nchar", "varchar", "nvarchar",_
"alter", "begin", "cast", "create", "cursor",_
"declare", "delete", "drop", "end", "exec",_
"execute", "fetch", "insert", "kill", "open",_
"select", "sys", "sysobjects", "syscolumns",_
"table", "update", "'", "%27", "''","Jyl=", "\", "\*", "alert", "*", "xss", "style", "hidden", "form", "embed",
"applet", ".vb", ".js", ":", "BLOCKED SCRIPT", "script", """", "--")
' Populate the error page you want to redirect to in case the
' check fails.
ErrorPage = "index.html"
'''''''''''''''''''''''''''''''''''''''''''''''''''
' This function does not check for encoded characters
' since we do not know the form of encoding your application
' uses. Add the appropriate logic to deal with encoded characters
' in here
'''''''''''''''''''''''''''''''''''''''''''''''''''
Function CheckStringForSQL(str)
On Error Resume Next
Dim lstr
' If the string is empty, return true
If ( IsEmpty(str) ) Then
CheckStringForSQL = false
Exit Function
ElseIf ( StrComp(str, "") = 0 ) Then
CheckStringForSQL = false
Exit Function
End If
lstr = LCase(str)
' Check if the string contains any patterns in our
' black list
For Each s in BlackList
If ( InStr (lstr, s) <> 0 ) Then
CheckStringForSQL = true
Exit Function
End If
Next
CheckStringForSQL = false
End Function
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Check forms data
'''''''''''''''''''''''''''''''''''''''''''''''''''

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 114 of 130

For Each s in Request.Form

If ( CheckStringForSQL(Request.Form(s)) ) Then
s=""
' Redirect to an error page
Response.Redirect(ErrorPage)
End If
Next
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Check query string
'''''''''''''''''''''''''''''''''''''''''''''''''''
For each s in Request.ServerVariables("QUERY_STRING")
If ( CheckStringForSQL(s) ) Then
s=""
' Redirect to error page
Response.Redirect(ErrorPage)
End If
Next
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Check cookies
'''''''''''''''''''''''''''''''''''''''''''''''''''
For Each s in Request.Cookies
If ( CheckStringForSQL(Request.Cookies(s)) ) Then
' Redirect to error page
Response.Redirect(ErrorPage)
End If
Next
'''''''''''''''''''''''''''''''''''''''''''''''''''
' Add additional checks for input that your application
' uses. (for example various request headers your app
' might use)
'''''''''''''''''''''''''''''''''''''''''''''''''''
%>
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 5:57 AM by asterkoxp
thaks,to message ,|I am seeing demo ver
www.asterkoxp.com knight online koxp site
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 5:58 AM by iir
I clone people's feeds to my site so that I can display adds with them. I'd like to display some feeds that require
authentication.
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:03 AM by Sohpet
sagolasin eyvalah
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:04 AM by Sohpet
thanks
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 12:18 PM by Chat
thanks..
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 12:52 PM by seslichat
thankss

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 115 of 130

# re: Filtering SQL injection from Classic ASP

Friday, January 30, 2009 12:54 PM by seslichat
thanks you
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 12:54 PM by sesli chat
thanksa
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 1:59 PM by Muhabbet
very nice Blog Thanks.
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 4:46 PM by divx indir
Thanx Text
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 5:03 PM by cem
thank you
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:34 PM by netlog
helo admin
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:36 PM by netlog
hello admin
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:38 PM by turk chat
helo admin thank you
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:38 PM by chat
pardon anlamadm
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:39 PM by sohbet siteleri
hello admin
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:41 PM by sohbet siteleri
hello
# re: Filtering SQL injection from Classic ASP
Friday, January 30, 2009 7:42 PM by turkchat
hello
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 12:50 AM by
Thank You
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 4:27 AM by Chat Odalar
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 6:53 AM by yalova
thanks
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 7:20 AM by ssk sorgulama

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 116 of 130

Pray tell, why is anyone running NoScript a fool? I thought it was pretty obvious that it greatly increases security,
and not only that, it also removes most of the stupid advertising
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 7:27 AM by cambalkon-ascambalkon
cam balkon ,katlanr cam imalat montaj
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 7:34 AM by Dans Kursu
Isn't t a hacking method?
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 8:32 AM by yahoo chat
thnk'ss
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 11:58 AM by alper akyz
thanks for post, i'll follow your blog. Recommend it my friends.
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 2:38 PM by spor haberleri
thanks admin..
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 7:05 PM by sohbet odalar
thank you
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 7:08 PM by sohbet
loverin the webs ;)
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, January 31, 2009 7:08 PM by chat
thanks admin.
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 5:15 AM by sohbet
thanks for post, i'll follow your blog thanks
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 5:17 AM by chat
thanks you
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 7:45 AM by Chat Odalar
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 11:02 AM by msn avatarlar
A very nice article I is.Thanks A lot
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 11:12 AM by bilgisayar
thanks you admin
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 11:13 AM by saray bilgisayar
thanks you admin
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 11:14 AM by saray bilgisayar
thanks you

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 117 of 130

# re: Filtering SQL injection from Classic ASP

Sunday, February 01, 2009 11:14 AM by saray bilgisayar
thanks you
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 2:15 PM by seo
Thanks a lot for the add-on. Is it possible to create one for chrome ?
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 3:04 PM by chat
very nice
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 3:08 PM by chat
<a href="http://www.netyap.com" title="chat" target="_blank">chat</a>
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 3:09 PM by chat
<a href="http://www.netyap.com" title="chat" target="_blank">chat</a> <a href="http://www.netyap.com"
title="netlog" target="_blank">netlog</a>
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 3:10 PM by netlog
<a href="http://www.netyap.com" title="netlog" target="_blank">netlog</a>
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 3:10 PM by chat siteleri
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 3:11 PM by turkchat
very nice
# re: Filtering SQL injection from Classic ASP
Sunday, February 01, 2009 5:51 PM by Sohbet Odalari-Chat Odalari-Muhabbet Odalari
Sohbet'in Tek Adresi Olma Amacndayz ..
Yenilenen Sitemize Bir de Sohbetmetro Forum Eklendi ..
Hersey Sizlerin Elinde Arkadaslar ..
Zonguldakl Caycumal Arkadalarmzn Tek Forum Sitesi Olma yolunda Uzunca bir yol Kat Ettik Sizlerin de
Sohbetlerini Bilgilerini bizlerle paylaarak Ailemizin Bir Ferdi Olmanz Rica Ediyoruz ..
ne demiler : " Denemekte Fayda var " :)
Sohbet,Sohbet Odalar,Chat , Chat Odalar , Muhabbet ,Muhabbet Odalar , Sohbet Keyfi, Chat Keyfi , Muhabbet
Keyfi ...
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 2:18 AM by sohbet odalar
very nice
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 5:04 AM by cet
thanks you. xXx
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 5:05 AM by cet
thanks you. XxX
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 5:05 AM by cet
thanks you. XxX
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 5:05 AM by cet
thanks you. XxX

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 118 of 130

# re: Filtering SQL injection from Classic ASP

Monday, February 02, 2009 9:15 AM by oyunlar
I do believe that too many plugins can slow a sites loading time. However Im really unsure of where that cutoff
should be and Im sure very much depends on what the plugin requires to load.
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 10:42 AM by chat
I do believe that too many plugins can slow a sites loading time. However Im really unsure of where that cutoff
should be and Im sure very much depends on what the plugin requires to load.
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 10:43 AM by chat
I do believe that too many plugins can slow a sites loading time. However Im really unsure of where that cutoff
should be and Im sure very much depends on what the plugin requires to load.
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 12:42 PM by oyun oyna
thank you
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 4:40 PM by mirc
thanks you site admin.
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 4:41 PM by mirc
thankss
http://www.mircteyiz.com
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 5:32 PM by loto sonular
thanks one number http://arabalife.com
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 5:34 PM by modifiye
thanks
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 8:23 PM by kadnlar klb
thanks
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 11:36 PM by mirc
<a title="mirc" rel="nofollow" href="http://www.mircumut.com">mirc</a>
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 11:37 PM by mirc
mirc <a title="mirc" rel="nofollow" href="http://www.mircumut.com">mirc</a>
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 11:37 PM by mirc
mirc
# re: Filtering SQL injection from Classic ASP
Monday, February 02, 2009 11:38 PM by mirc
mirc
# re: Filtering SQL injection from Classic ASP
Tuesday, February 03, 2009 12:01 AM by chat
thanx
# re: Filtering SQL injection from Classic ASP
Tuesday, February 03, 2009 5:40 AM by mrc
thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 119 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, February 03, 2009 5:41 AM by mrc
thanks you
# re: Filtering SQL injection from Classic ASP
Tuesday, February 03, 2009 9:35 AM by arda
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, February 03, 2009 12:22 PM by iir
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, February 03, 2009 5:17 PM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, February 03, 2009 6:10 PM by okey oyna
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, February 04, 2009 3:43 AM by Gzel szler
gzel szler
thanks
# re: Filtering SQL injection from Classic ASP
Wednesday, February 04, 2009 11:38 AM by sohbet
thabk you
# re: Filtering SQL injection from Classic ASP
Wednesday, February 04, 2009 11:47 AM by www.fulloyunindir.us
Thanx For man www.fulloyunindir.us
# re: Filtering SQL injection from Classic ASP
Wednesday, February 04, 2009 1:06 PM by sohbet odalar
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, February 04, 2009 2:26 PM by Oyun
I will attempt to show what a general solution might look like for classic ASP (using VBScript). Remember, you
need to keep in mind the specifics of your web application and add/remove things in the sample accordingly. So
even though I am focusing on SQL injection here, input validation needs to be done to even prevent cross-site
scripting attacks, among others
# re: Filtering SQL injection from Classic ASP
Thursday, February 05, 2009 11:26 AM by chat
very nice
# re: Filtering SQL injection from Classic ASP
Thursday, February 05, 2009 3:42 PM by youtube
ty man nice page
# re: Filtering SQL injection from Classic ASP
Thursday, February 05, 2009 4:41 PM by chat
thanks you.!
# re: Filtering SQL injection from Classic ASP
Thursday, February 05, 2009 4:43 PM by chat
very good mcx
# re: Filtering SQL injection from Classic ASP
Thursday, February 05, 2009 5:19 PM by Chat Odalar
http://www.chatbul.net

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 120 of 130

# re: Filtering SQL injection from Classic ASP

Friday, February 06, 2009 4:36 AM by Chat Odalar
thanks
# re: Filtering SQL injection from Classic ASP
Friday, February 06, 2009 8:27 AM by sohbet odalar
thank you
# re: Filtering SQL injection from Classic ASP
Friday, February 06, 2009 8:50 AM by sohbet
oww thanks
# re: Filtering SQL injection from Classic ASP
Friday, February 06, 2009 3:38 PM by islami forum
I had error with the code but when I see here I found a solution, thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, February 07, 2009 1:11 PM by ajsan
thanks you admin
http://chuckfender.com/
# re: Filtering SQL injection from Classic ASP
Sunday, February 08, 2009 2:33 AM by okey oyna
<a title="okey oyna" rel="nofollow" href="http://www.turkokey.gen.tr">sohbet odalari</a>
# re: Filtering SQL injection from Classic ASP
Sunday, February 08, 2009 9:40 AM by perde
perde ve perde modelleri hakknda etkin zmler
# re: Filtering SQL injection from Classic ASP
Sunday, February 08, 2009 11:08 AM by video
video paylam sitesi
# re: Filtering SQL injection from Classic ASP
Sunday, February 08, 2009 3:26 PM by lig tv izle
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, February 08, 2009 4:38 PM by youtube
thank you tube.
# re: Filtering SQL injection from Classic ASP
Monday, February 09, 2009 11:08 AM by sohbet
thanks
# re: Filtering SQL injection from Classic ASP
Monday, February 09, 2009 6:31 PM by cet
cet et
# re: Filtering SQL injection from Classic ASP
Tuesday, February 10, 2009 7:04 AM by Komedi
Thank you very much
# re: Filtering SQL injection from Classic ASP
Tuesday, February 10, 2009 2:52 PM by Norant
_ Veo miles de gracias a el admin de este sitio, pero la cuestion es, es este script lo suficientemente bueno, es
muy parecido a los q existen en otros sites, pero al ser un script que se supone impide la injeccion sql, deberia
de hacer lo q dice totalmente, hace un tiempo desarrolle una aplicacion para un banco, y use este script, y la
verdad es que las alertas de injeccion sql saltaban por cientos al usar Acunetix como scanner de
vulnerabilidades, veo aqui mucha gente que agradece y solo eso, haciendo este lugar una extensa cola de
gracias, pero nada de aporte ni de mejora del script, se supone que de eso se trata Open Source, mi pequeo
aporte seria que el script impidiera enviar injeccion sql a travez de referer manejando las cabeceras HTTP.
Best Regards All.
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 121 of 130

Tuesday, February 10, 2009 2:53 PM by Norant

_ Veo miles de gracias a el admin de este sitio, pero la cuestion es, es este script lo suficientemente bueno, es
muy parecido a los q existen en otros sites, pero al ser un script que se supone impide la injeccion sql, deberia
de hacer lo q dice totalmente, hace un tiempo desarrolle una aplicacion para un banco, y use este script, y la
verdad es que las alertas de injeccion sql saltaban por cientos al usar Acunetix como scanner de
vulnerabilidades, veo aqui mucha gente que agradece y solo eso, haciendo este lugar una extensa cola de
gracias, pero nada de aporte ni de mejora del script, se supone que de eso se trata Open Source, mi pequeo
aporte seria que el script impidiera enviar injeccion sql a travez de referer manejando las cabeceras HTTP.
Best Regards All.
# re: Filtering SQL injection from Classic ASP
Tuesday, February 10, 2009 2:57 PM by edc
to filter comcast just add a space after "cast". i.e., "cast "
# re: Filtering SQL injection from Classic ASP
Wednesday, February 11, 2009 10:07 AM by sohbet
thanx for nice web artichle
# re: Filtering SQL injection from Classic ASP
Wednesday, February 11, 2009 11:09 AM by katlanr cam balkon
katlanr cam balkon sistemleri...
# re: Filtering SQL injection from Classic ASP
Wednesday, February 11, 2009 11:50 AM by e-okul
eo miles de gracias a el admin de este sitio, pero la cuestion es, es este script lo suficientemente bueno, es muy
parecido a los q existen en otros sites, pero al ser un script que se supone impide la injeccion sql, deberia de
hacer lo q dice totalmente, hace un tiempo desarrolle una aplicacion para un banco, y use este script,
# re: Filtering SQL injection from Classic ASP
Wednesday, February 11, 2009 3:10 PM by ucuz oteller
pero nada de aporte ni de mejora del script, se supone que de eso se trata Open Source, mi pequeo aporte
seria que el script impidiera enviar injeccion sql a travez de referer manejando las cabeceras HTT
# re: Filtering SQL injection from Classic ASP
Wednesday, February 11, 2009 6:31 PM by perde
good thanks
# re: Filtering SQL injection from Classic ASP
Thursday, February 12, 2009 1:47 PM by zrmbilisim katklar ile 2009 seo yarmas
thanks
# re: Filtering SQL injection from Classic ASP
Thursday, February 12, 2009 4:45 PM by Gnome
very interesting. thank you for this information.
you can place this material on your site? with a backlink to you of course:)
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 1:37 AM by tuba buyukustun
good web sites.thank you
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 2:32 AM by komedi
Thank you very much.
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 2:33 AM by dizi izle
thank you
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 2:52 AM by sohbet odalar
thanks..
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 3:21 AM by sohbet
thanks you

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 122 of 130

# re: Filtering SQL injection from Classic ASP

Friday, February 13, 2009 3:22 AM by chat
thanks you..
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 3:53 AM by mrc
thanks you
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 6:00 AM by iir
This seems like a major step forward and I dont see any downside to it.
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 6:15 AM by KTM
big tnx!
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 1:21 PM by islami forum
I was looking for this to filter comcast just add a space after "cast". i.e., "cast ". Thanks.
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 1:41 PM by sohbet
Turkiyenin en iyi chat sohbet sitesi
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 4:03 PM by sohbet
Turkiyenin en iyi chat sohbet sitesi
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 4:08 PM by Tikla zle
Turkiyenin en iyi online video sitesi
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 7:08 PM by Sozluk
ty man.this is good text
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 8:11 PM by seslichat
hi, this is a shared page very good
# re: Filtering SQL injection from Classic ASP
Friday, February 13, 2009 8:12 PM by seslisohbet
ooo thanks admin very good
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 5:46 AM by chat
thanks beybis
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 6:50 AM by salarha
Thanx <a href="www.forzasalarha.blogcu.com/" rel="nofollow" target="_blank">salarha</a>
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 6:51 AM by salarha
Thanx
<a href="www.forzasalarha.blogcu.com/" rel="nofollow" target="_blank">salarha</a>
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 8:28 AM by BaReTTa
<a href="http://www.abathosting.com" title="irc shell">irc shell</a>
# re: Filtering SQL injection from Classic ASP

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 123 of 130

Saturday, February 14, 2009 8:29 AM by BaReTTa

Thank
<a href="http://www.abathosting.com" title="irc shell">irc shell</a>
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 8:29 AM by BaReTTa
www.abathosting.com
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 8:32 AM by BaReTTa21
<a href="http://www.bismilsohbet.com" title="mirc indir">mirc indir</a>
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 8:33 AM by BaReTTa21
Thank
<a href="http://www.bismilsohbet.com" title="mirc indir">mirc indir</a>
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 8:43 AM by mirc indir
Thanks you.
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:34 AM by konya chat
konya chat
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:35 AM by konya chat
konya chat sohbet
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:36 AM by konya chat
konya
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:42 AM by chat
chat
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:48 AM by Sohbet
thanks admincim..
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:49 AM by Sohbet
thanks La admin.
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:50 AM by Sohbet
thanks dedim La..
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:51 AM by yonja
thanks sus sikerim..
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:51 AM by yonja
thanks admin arkadam.
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:52 AM by yonja
thanks a lot la..
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 11:52 AM by yonja

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 124 of 130

thanks a Lot..
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 12:39 PM by ak iirleri
thank you verymuch
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 2:21 PM by travesti
Ok, here is my "soap box"...I could have made a lot more money shorting stocks (which I would never do, even
though it is legal, I just believe it is unethical and further hurts struggling companies Sort of like shooting the
wounded!).
#re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 2:43 PM by chat
chat-sohbet-muhabbet-mirc www.sibersahne.com
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 5:58 PM by chat
TRs
# re: Filtering SQL injection from Classic ASP
Saturday, February 14, 2009 5:58 PM by chat
TRs
# re: Filtering SQL injection from Classic ASP
Sunday, February 15, 2009 8:54 AM by hugo oyunlar
<a href="www.oyunsesi.com/hugo_oyunlari_1.htm">hugo oyunlar</a>
# re: Filtering SQL injection from Classic ASP
Sunday, February 15, 2009 9:03 AM by sohbet
thanks for you, nice.
# re: Filtering SQL injection from Classic ASP
Sunday, February 15, 2009 9:04 AM by sohbet
sohbet muhabbet et
thanks for you nice post
okay;p
# re: Filtering SQL injection from Classic ASP
Sunday, February 15, 2009 9:05 AM by sohbet
Thanks for you.
# re: Filtering SQL injection from Classic ASP
Sunday, February 15, 2009 9:06 AM by hugo oyunlar
<a href="www.oyunsesi.com/hugo_oyunlari_1.htm">hugo oyunlar</a>
# re: Filtering SQL injection from Classic ASP
Monday, February 16, 2009 6:10 PM by sport video
thanks for the info
# re: Filtering SQL injection from Classic ASP
Monday, February 16, 2009 6:11 PM by Kamera sakalari
Danke fr die Informationen war sehr ntzlich
# re: Filtering SQL injection from Classic ASP
Monday, February 16, 2009 6:15 PM by Kamera sakalari
Danke fr die Informationen war sehr ntzlich
# re: Filtering SQL injection from Classic ASP
Monday, February 16, 2009 6:45 PM by bbg
thanks man nice info
# re: Filtering SQL injection from Classic ASP
Tuesday, February 17, 2009 1:52 PM by ucuz oteller

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 125 of 130

a variety of folks in their organization trying to find the response to that request." workand i hope <a
href="http://www.e-okullu.com" title="veli bilgilendirme sistemi">e-okul</a>
and we love <a href="http://www.ucuzoteller.net" title="ucuz oteller">ucuz otel</a>
XBRL will reduce the friction and the cost of complying with information management demands from the CEO
and the board, Kapoor says.
# re: Filtering SQL injection from Classic ASP
Tuesday, February 17, 2009 6:47 PM by babil cam balkon
<a href="http://www.babilcambalkon.com" title="Cam Balkon">Cam balkon</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, February 17, 2009 6:48 PM by ftkcambalkon
<a href="http://www.ftkcambalkon.com" title="Cam Balkon">Cam balkon</a>
# re: Filtering SQL injection from Classic ASP
Tuesday, February 17, 2009 9:09 PM by sesli chat
tahnk ypu
# re: Filtering SQL injection from Classic ASP
Thursday, February 19, 2009 4:48 AM by katlanr cam
thankss you...
[...] this theme (BloggingPro) was not widget enabled, so some work needs to be done. The Widgetizing Themes
tutorial was useful [...]
# re: Filtering SQL injection from Classic ASP
Thursday, February 19, 2009 10:00 AM by govt-tt
Would it make sense to count how many Blacklist values are used per field? For example, I have a field that
should allow "O'Caston" and another field that should allow ">0 and <100" but neither field should allow ', cast, <,
and >. If I do a count (along with your code) and find more than two Blacklist values, would this be enough to
stop an attack?
# re: Filtering SQL injection from Classic ASP
Thursday, February 19, 2009 2:22 PM by tuba buyukustun
thanks demek isterim bu guzellik karsinda
# re: Filtering SQL injection from Classic ASP
Thursday, February 19, 2009 3:25 PM by e-okul
should allow "O'Caston" and another field that should allow ">0 and <100" but neither field should allow ', cast, <,
and >. If I do a count (along with your code) and find more than two Blacklist values, would this be enough to
stop an attack? thanks
# re: Filtering SQL injection from Classic ASP
Thursday, February 19, 2009 3:30 PM by e-okul
Thank you very much...
# re: Filtering SQL injection from Classic ASP
Friday, February 20, 2009 3:41 AM by okey
danke admin
# re: Filtering SQL injection from Classic ASP
Friday, February 20, 2009 3:41 AM by okey
danke admin
# re: Filtering SQL injection from Classic ASP
Friday, February 20, 2009 3:17 PM by araba
thanks <a rel="nofollow" target="_blank" title="http://lotosonuclari.com"
href="http://lotosonuclari.com">sonular</a>
# re: Filtering SQL injection from Classic ASP
Friday, February 20, 2009 3:18 PM by sonular
thanks admin
# re: Filtering SQL injection from Classic ASP
Friday, February 20, 2009 3:52 PM by okey oyna
thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 126 of 130

# re: Filtering SQL injection from Classic ASP

Friday, February 20, 2009 5:43 PM by zrmbilisim
thank you
zrmbilisim2009-seoyarismasi.blogspot.com
# re: Filtering SQL injection from Classic ASP
Friday, February 20, 2009 6:20 PM by chat
I completely rewrote the Drools Alpha Node hashing for 4.0.x, as what was in 3.0.x was too complicated. 4.0.x
includes the ability to set the threshold for when hashing is turned on/off, currently it defaults to a fan out of 3 or
more...
# re: Filtering SQL injection from Classic ASP
Saturday, February 21, 2009 6:15 AM by [email protected]
<a href="http://www.ChatSohbetCi.net" title="chat, Sohbet, Muhabbet,Samyeli, Muhabbetgulu, Hikaye, Ak,
et">Sohbet Chat Muhabbet</a>
# re: Filtering SQL injection from Classic ASP
Saturday, February 21, 2009 6:15 AM by [email protected]
Sohbet Chat
# re: Filtering SQL injection from Classic ASP
Saturday, February 21, 2009 6:16 AM by Sohbet Chat
Sohbet Chat
# re: Filtering SQL injection from Classic ASP
Saturday, February 21, 2009 12:30 PM by Eryaman
You perfect back
# re: Filtering SQL injection from Classic ASP
Saturday, February 21, 2009 4:28 PM by giydirme
kz giydirme oyunlar sitesi
# re: Filtering SQL injection from Classic ASP
Saturday, February 21, 2009 4:29 PM by komik oyunlar
have followed your writing for a long time.really you have given very successful information.
In spite of my english trouale,I am trying to read and understand your writing.
And am following frequently.I hope that you will be with us together with much more scharings.
I hope that your success will go on.
# re: Filtering SQL injection from Classic ASP
Sunday, February 22, 2009 9:57 PM by mzik dinle
Thank you very nice
# re: Filtering SQL injection from Classic ASP
Sunday, February 22, 2009 9:57 PM by mzik dinle
Thank you very nice
# re: Filtering SQL injection from Classic ASP
Sunday, February 22, 2009 9:58 PM by mzik dinle
sdasdsadasd
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 9:22 AM by Akrep
thank you very muchh
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 9:38 AM by akrep
Thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 3:56 PM by ilahiler
Thanxyou

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 127 of 130

# re: Filtering SQL injection from Classic ASP

Tuesday, February 24, 2009 5:47 PM by 2009 ss
Good article. Thanks you.
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 6:12 PM by ara sorgulama
Thanks...
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 6:42 PM by siki izle
Hi, thanks.
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 6:43 PM by sikis izle
thank you very much.
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 6:58 PM by rg
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 7:29 PM by Gzel Resimler
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 7:37 PM by varsovian-usa
Thank You.
# re: Filtering SQL injection from Classic ASP
Tuesday, February 24, 2009 10:01 PM by evden eve
I want to use it - but I have a problem. I secured the /wp-admin/ with a htaccess pass. So I need to enter a pass
before I get to the admin-login.
Fine, BUT if I use the Plugin given by you, I need to enter the pass too, but my users of course do not know the
pass. How can I get rid of this problem? Any help appreciated.
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 4:12 AM by pire
thanx for asp code i use my web site security good work men...
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 4:13 AM by pire
thanx for asp code men ;)
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 4:14 AM by ilalama
thanx for code
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 4:15 AM by ilalama
thanx you
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 4:24 AM by sohbet
We chat with the best of fall
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 4:45 AM by liseli serap
thank you
good info
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 6:42 AM by Oyun
thanks a lott!

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 128 of 130

# re: Filtering SQL injection from Classic ASP

Wednesday, February 25, 2009 7:16 AM by Spor haberleri
thank you
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 8:31 AM by Technomarine
SQL injection may be over a decade old, but even the best of us need a reminder once in a while.
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 5:51 PM by toki evleri
Thanks....
# re: Filtering SQL injection from Classic ASP
Wednesday, February 25, 2009 7:44 PM by msn nickleri
thank you.
very nice web site
I will read the text continuously
# re: Filtering SQL injection from Classic ASP
Thursday, February 26, 2009 3:14 AM by vidyo,video
thank you ver good!
# re: Filtering SQL injection from Classic ASP
Thursday, February 26, 2009 7:41 AM by Sohbet
Thank you very much
# re: Filtering SQL injection from Classic ASP
Thursday, February 26, 2009 10:00 AM by Projeksiyon
Thank you very much
# re: Filtering SQL injection from Classic ASP
Thursday, February 26, 2009 9:27 PM by aytas
Thank you very much
http://www.ufukaytas.com
# re: Filtering SQL injection from Classic ASP
Friday, February 27, 2009 6:52 AM by Clubturk.net-2. Seo Yarmas - Kahrolsun srail zulm
than
# re: Filtering SQL injection from Classic ASP
Friday, February 27, 2009 7:04 AM by Akrep
thank you very much very good
# re: Filtering SQL injection from Classic ASP
Saturday, February 28, 2009 8:40 AM by murat
thanks.
# re: Filtering SQL injection from Classic ASP
Saturday, February 28, 2009 9:34 AM by hal ykama makinalar
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, March 01, 2009 2:44 PM by sohbet odalar
thanks
# re: Filtering SQL injection from Classic ASP
Monday, March 02, 2009 6:37 AM by hal ykama makinalar
thank
# re: Filtering SQL injection from Classic ASP
Monday, March 02, 2009 8:26 AM by okey oyna
thanks

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 129 of 130

# yabanc? y?ksek prli bloglar bele? backlink - Teknoloji ve Webmaster Platformu

Sunday, March 08, 2009 3:17 AM by yabanc? y?ksek prli bloglar bele? backlink - Teknoloji ve Webmaster
Platformu
Pingback from yabanc? y?ksek prli bloglar bele? backlink - Teknoloji ve Webmaster Platformu
# re: Filtering SQL injection from Classic ASP
Sunday, March 08, 2009 7:13 AM by mircindir
thanks
# re: Filtering SQL injection from Classic ASP
Sunday, March 08, 2009 2:23 PM by simasher
I don't think this using only security bro.
Some bad persons use for the sql injection hacking but however this is a good article thanks..

# re: Filtering SQL injection from Classic ASP

Sunday, March 08, 2009 6:15 PM by e-okul
thanksss
# re: Filtering SQL injection from Classic ASP
Sunday, March 08, 2009 6:43 PM by singlesoul
thanks a lot for this work
# re: Filtering SQL injection from Classic ASP
Sunday, March 08, 2009 7:24 PM by otomasyon
thanks
# re: Filtering SQL injection from Classic ASP
Monday, June 22, 2009 1:04 PM by vayisa
thansk
# re: Filtering SQL injection from Classic ASP
Monday, June 22, 2009 1:04 PM by vayisa
thanks
# re: Filtering SQL injection from Classic ASP
Tuesday, June 23, 2009 9:11 AM by hakan23
thanks you
# re: Filtering SQL injection from Classic ASP
Wednesday, September 09, 2009 1:25 AM by bytamer
thank you
# re: Filtering SQL injection from Classic ASP
Tuesday, December 21, 2010 7:28 AM by Topspy
Old but great post.

Leave a Comment
Title (required)

re: Filtering SQL injection from Classic ASP

Name (required)

Your URL (optional)

Comments (required)

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012

Filtering SQL injection from Classic ASP - Nazim's IIS Security Blog : The Official ... Page 130 of 130

Remember Me?

Submit

http://blogs.iis.net/nazim/archive/2008/04/28/filtering-sql-injection-from-classic-asp.aspx

1/7/2012