| 
  
        |  |  |  
      
        |  |  
  | 
  
    | 
	|  | Menu |  |  
     
     | 
      
       | 
        
         | 
          
           | 
						|  |  |  Home |  |  |  |  |  |  |  |  Discussions |  |  |  |  |  |  |  |  Tools |  |  |  |  |  |  |  |  Affiliates |  |  |  |  |  |  |  |  Content |  |  |  |  |  |  |  |  Info |  |  |  |  |  |  |  |  |  |  
  
    | 
	|  | User Info |  |  
     
     | 
      
       | 
        
         | 
          
           |  Membership: 
  Latest: MichaelSnaRe 
  New Today: 0 
  New Yesterday: 0 
  Overall: 9144 
 
  People Online: 
  Visitors: 105 
  Members: 0 
  Total: 105 
 |  |  |  |  |  
  
    | 
	|  | Full disclosure |  |  |  | 
  
    | 
	|  |  |  |  
        
          | 
              
                | 
                    
                      | 
                          
                            | 
	| 
	
		|  |  |  
		|  | IT Security and Insecurity Portal |  |  
 
	|  | SQL inj error Help |  |  
	| 
	
		|  Posted: Sat Mar 29, 2008 9:09 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| w0rm |  | Active user |  |  
  |  |  |  | Joined: Feb 22, 2008 |  | Posts: 49 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| Hi , look in this error   
 
  	  | Code: |  	  | index.php?a_id=-1'a | 
 
 
 
  	  | Code: |  	  | Warning: ociparse() [function.ociparse]: OCIParse: ORA-01756: quoted string not properly terminated in /data/site/htdocs/www/support/sar/includes/common.php on line 196 
 Warning: ociexecute(): supplied argument is not a valid OCI8-Statement resource in /data/site/htdocs/www/support/sar/includes/common.php on line 197
 
 Warning: ocifetch(): supplied argument is not a valid OCI8-Statement resource in /data/site/htdocs/www/support/sar/includes/common.php on line 198
 
 Warning: ociresult(): supplied argument is not a valid OCI8-Statement resource in /data/site/htdocs/www/support/sar/includes/common.php on line 199
 
 Warning: ocifreestatement(): supplied argument is not a valid OCI8-Statement resource in /data/site/htdocs/www/support/sar/includes/common.php on line 200
 This site is crowded now.
 Resource id #10
 | 
 
 
 Help for l'sql injection ? Oracle
  |  |  
		|  |  |  
	|  |  |  | 
 
	|  |  |  |  
	| 
	
		|  Posted: Sat Mar 29, 2008 11:02 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| waraxe |  | Site admin |  |  
  |  |  |  | Joined: May 11, 2004 |  | Posts: 2407 |  | Location: Estonia, Tartu |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| Yes, it's Oracle and you seem to have sql injection conditions indeed. Now try to get syntax right. |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Sun Mar 30, 2008 11:40 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| w0rm |  | Active user |  |  
  |  |  |  | Joined: Feb 22, 2008 |  | Posts: 49 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			|  	  | waraxe wrote: |  	  | Now try to get syntax right. | 
 
 waraxe i'am not pro in SQL inj oracle , plz tell me how i start ?
 |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Mon Mar 31, 2008 10:46 am |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| w0rm |  | Active user |  |  
  |  |  |  | Joined: Feb 22, 2008 |  | Posts: 49 |  |  |  |  
 
 |  |  
			|  |  |  
 
 | 
		
			| plz i need help   
 order+by+x [ Not working ]
  |  |  
		|  |  |  
	|  |  
	| 
	
		|  Posted: Tue Apr 01, 2008 1:09 pm |   |  |  
	| 
	
		| 
		
			| 
			
				| 
				| waraxe |  | Site admin |  |  
  |  |  |  | Joined: May 11, 2004 |  | Posts: 2407 |  | Location: Estonia, Tartu |  |  
 
 |  |  
			|  |  |  
 
 |  |  
		|  |  |  
	|  |  
	| www.waraxe.us Forum Index -> Sql injection 
 
	
		| You cannot post new topics in this forum You cannot reply to topics in this forum
 You cannot edit your posts in this forum
 You cannot delete your posts in this forum
 You cannot vote in polls in this forum
 
 | All times are GMT Page 1 of 1
 
 |  |  
	|  |  
 Powered by phpBB © 2001-2008 phpBB Group
 
 
 
 
 |  |  |  |  |  |  |