Reckon Posted December 14, 2014 Report Posted December 14, 2014 Salut, probabil ati folosit pana acum sqlmap.Am facut un script in php care l-am atacat cu sqlmap (vulnerabil la sql injection) sa vad cum lucreaza sqlmap cand tu i comanzi, va las aici rezultatele:http://sprunge.us/PFXI Scriptul php:<?phpmysql_connect("localhost","root","");mysql_select_db("information_schema");$query = mysql_query("SELECT * FROM CHARACTER_SETS where maxlen = '".$_GET['id']."'"); while($rez = mysql_fetch_array($query)){ echo $rez[0]; }$file = fopen("results.txt","a+");$content = $_GET['id']."\n";fwrite($file,$content);?> 1 Quote
Aerosol Posted December 14, 2014 Report Posted December 14, 2014 Reckon e interesant dar nu se incadreaza la tutoriale bre...Ar fi mers la OffTopic. Quote
