[Full-disclosure] Unicode Left/Right Pointing Double Angel Quotation Mark bypass?
3APA3A
3APA3A at SECURITY.NNOV.RU
Tue May 22 13:58:03 BST 2007
Dear full-disclosure at lists.grok.org.uk,
By the way: I saw Unicode Left Pointing Double Angel Quotation Mark
(%u00AB) / Unicode Right Pointing Double Angel Quotation Mark (%u00BB)
are sometimes translated to '<' and '>'. Does somebody experimented
with
%u00ABscript%u00BB
in different environments to bypass filtering in this way?
--
http://securityvulns.com/
/\_/\
{ , . } |\
+--oQQo->{ ^ }<-----+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
|/
Full-Disclosure is hosted and sponsored by Secunia.