Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
super hard injection for me
Posted by: kenjii
Date: November 08, 2013 06:44AM

hi all

i have found another website with sql vulnerability but i just can do nothing

Here is the link :

Tools like acunetix say it's vulnerable to sql injection but everything i try don't work .

it give me this alert :

URL encoded GET input products_id was set to -1' or '3'='3

if somebody can help me i really whant to learn more about this .

sorry for my bad english

Options: ReplyQuote
Re: super hard injection for me
Posted by: tascio
Date: November 08, 2013 11:32AM

sometimes acunetix wrong

if havij cant then acunetix got a false positive

Options: ReplyQuote
Re: super hard injection for me
Posted by: jammy99
Date: November 13, 2013 10:42PM

acunetix is gay for finding sqli. it can show sqli in any site in cookie param.

and that is wrong

try finding new point

Options: ReplyQuote

Sorry, only registered users may post in this forum.