|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 137
Members: 0
Total: 137
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
help - mysql injection / php |
|
Posted: Sun Jul 30, 2006 12:07 am |
|
|
716 |
Regular user |
|
|
Joined: Feb 11, 2006 |
Posts: 19 |
|
|
|
|
|
|
|
hi everyone
i never thought i would have to ask this, but could someone help me finding a way in to this site: http://www.bathory.ro/ ?
i usually dont ask for help, and i try to find solutions myself, but i think this time i need some hints/tipps... its really enough if someone just explains to me what to do step-by-step... i guess you can easily use mysql injection in "diakok" (i'm pretty sure the user inputs are not filtered in the search) and in the gallery ("kepekben") you have such addresses: http://www.bathory.ro/kepek/nez.php?e=../kepek/arhiv/kep4493f5e146935
thank you a lot in advance
edit: i managed to get in
now i got some MD5s... and plain-text.info doesnt want to accept them coz queue is full... |
|
|
|
|
|
|
|
|
Posted: Sun Jul 30, 2006 3:03 pm |
|
|
716 |
Regular user |
|
|
Joined: Feb 11, 2006 |
Posts: 19 |
|
|
|
|
|
|
|
well, i have a question... seems like i cannot modify files on the server with PHP... "access denied"... any tipps what i can do, please? |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|