|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 119
Members: 0
Total: 119
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Help with SQL injection |
|
Posted: Wed Sep 23, 2009 10:40 am |
|
|
Hanna313 |
Active user |
|
|
Joined: Dec 17, 2008 |
Posts: 26 |
|
|
|
|
|
|
|
hello,
I am testing a site that is vulnerable to SQL injection.
When I put a quote after www.example.com/id=118' it says you have an error in your SQL syntax.
The next thing i try is to get the number of columns, but this doesnt work.
When i do www.example.com/id=118 order by 1/* the sites loads normal, he also loads normal when i replace 1 by 99999999999999999999
I dont know what i should do now.
Can somebody help me out with this?
Hanna |
|
|
|
|
www.waraxe.us Forum Index -> All other hashes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|