yoyois Posted June 29, 2012
http://mytest-php.web44.net/
Follow the instructions ... I don't know what else to add to it. I hope you can help me with some suggestions. I would also like to refine the story. I'm waiting for your opinion!

cLw7hp Posted June 29, 2012
Parameter: user
SQLi type: POST
Data:
'+ (select convert(int,CHAR(95)+CHAR(33)+CHAR(64)+CHAR(50)+CHAR(100)+CHAR(105)+CHAR(108)+CHAR(101)+CHAR(109)+CHAR(109)+CHAR(97)) FROM syscolumns) +'
Parameter: user
Vuln type: XSS POST
Post data:
'"--></style></script><script>alert(0x0002A1)</script>

yoyois (Author) Posted June 29, 2012 (edited June 29, 2012 by yoyois)
You just get past the login system.
Edit: the SQL vulnerability has to exist. I removed the XSS! Get past the main login page and you will be redirected.
Revised ... nobody?

yoyois (Author) Posted July 2, 2012 (edited July 2, 2012 by yoyois)
Post proof that you got as far as possible. I'm waiting for opinions/help, I have a few more ideas!

yoyois (Author) Posted July 2, 2012
Damn it! Put something in the email field and press LOGIN! It redirects you to another page ... and so on ...

pinguinulturbat Posted July 2, 2012
Done

yoyois (Author) Posted July 2, 2012
pinguinulturbat: LOOK CLOSELY AT profX.jpg, maybe it's written in Notepad ...

R3NZoR Posted July 2, 2012
Is it down? It works for me.

pinguinulturbat Posted July 2, 2012
> pinguinulturbat: LOOK CLOSELY AT profX.jpg, maybe it's written in Notepad ...
SELECT * FROM example WHERE user='profX' and pass='5baXXXXXXXXXXXXb7ee68fd8'
game will continue!

yoyois (Author) Posted July 3, 2012
Ideas on how to continue?