Paid Advertising is
ha.ckers sla.cking
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
a weird injection...
Posted by: Desperado
Date: May 14, 2012 05:32AM


the waf show that we can't use "and update insert...."

if i inject "*%29%20from%20manage%29%3E0"

it can show me some information:the table manage not exist.

But if*%29%20from%20admin%29%3E0

It will appear the waf.
Any help?????

Options: ReplyQuote
Re: a weird injection...
Posted by: Skyphire
Date: May 14, 2012 08:09PM

well, at least you got an XSS.

Options: ReplyQuote

Sorry, only registered users may post in this forum.