Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
DB_Error::fetchRow() ?_?
Posted by: tascio
Date: November 05, 2013 06:00AM

this is vuln to sql inj
http://www.aeroporto.catania.it/page.php?cPath=24

havij can inject in blind mode
but if i try something like order by or group by, or an union manually i get this error

Fatal error: Call to undefined method DB_Error::fetchRow() in /opt/www/aeroporto.catania.it/page.php on line 17

what injection have to learn to bypass this error?

Options: ReplyQuote
Re: DB_Error::fetchRow() ?_?
Posted by: jammy99
Date: November 13, 2013 10:55PM

better learn php with oops concept to hack such websites.

Options: ReplyQuote
Re: DB_Error::fetchRow() ?_?
Posted by: tascio
Date: November 14, 2013 05:12AM

anyway it's a blind sql inj :P

Options: ReplyQuote
Re: DB_Error::fetchRow() ?_?
Posted by: jammy99
Date: November 14, 2013 05:38AM

yes its blind for sure

Options: ReplyQuote


Sorry, only registered users may post in this forum.