Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Admin login forbidden
Posted by: secdude
Date: December 18, 2012 08:26PM

Hi all,

me new to SQLi, have got the username and password for a website which has WAF. and the website has the admin login page as follows,
example.com///access/sf2.mdb. WAF deny me to open this page. I had used the following trick to bypassing waf while extracting the data.

exaple.com/newsID=-1 union (select 1,2,table_name,4,5 from /*!information_schema*/.tables) --

can somebody help me to get this admin page?

thanks in advance champs.

Options: ReplyQuote
Re: Admin login forbidden
Posted by: hack2012
Date: December 29, 2012 04:43AM

URL ???

Options: ReplyQuote


Sorry, only registered users may post in this forum.