badrh0 | Active user | Joined: Jul 06, 2008 | Posts: 32
Hi everybody;
Can someone tell me why and how this injection works:
z' AND IF(ascii(lower(substring(database(),$i,$j)))>100,(SELECT 1 UNION ALL SELECT $k),'$l')='1
I mean, what do the different variables mean? For substring I know the function, but what does it mean to write database() as arguments, is it an array?
If I want to create a script to tackle responses (1 or 0) what must I change in this injection?
Are there other possible injections to extract table names?
In short, I want to know the theoretical basis of all that.
PS: wenta skout :-p