 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 447
 Members: 0
 Total: 447
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
Sql injection posibilities |
|
 Posted: Thu Nov 04, 2004 9:07 pm |
 |
|
| frisco |
| Beginner |
 |
|
| Joined: Nov 04, 2004 |
| Posts: 4 |
|
|
|
 |
|
 |
|
Searching throught several web I usually surf I have found a SQL injenction vuln but it is in a propietary software so I dont know how the hell get data for another table behind the one that is used in the query.
The site is running with php and mysql and without I think that phpuser doesn't have any privileges on the mysql.* tables becouse after checking the number of atributes of the query and finding some strings that will be visible on the final page selecting atributes from mysql.user table only lead me to mysql_fetch_array() errors (this is the only error I can see).
Any ideas or comments.
For you interest the link is:
http://www.ciber-rebellion.com/tiendarebel/verampliacion.php?idAmpl=10 LIMIT 0,1 UNION SELECT null,user,password,1,2,1,1,1,1,null,null,null,null from mysql.user/*
Its a spanish webpage and found mysql version is 4.0.20 |
|
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
