ThisisLegal.com

ThisisLegal Forums

Welcome to the forums! A chance for site members to chat and get help.

You are not logged in.

#1 2009-04-08 19:30:55

dpacmittal
Member
Registered: 2009-04-08
Posts: 5

Weird SQL injection??

I've got a site where it gives MySQL error on putting a single quote on the URL but it is not giving error on putting order by 10.  I tried putting order by 100 which would have definitely given error but it didn't. I am just learning to intrude for educational purpose. I am not trying to harm the site in any way.

I am ready to give the URL but I don't want anyone to harm or deface the site. I am using it for educational purposes only.

Ask me and I'll pm you the site but please dont harm or deface it.

Probable t0mmy9 can help me.

Offline

#2 2009-04-09 04:02:00

t0mmy9
Administrator
Registered: 2005-01-07
Posts: 21

Re: Weird SQL injection??

Anyone is free to help you, instead of giving the URL yet, it would be best to post the error that adding a quote to the url gives you. Especially if the error gives you part of the SQL command.

I dont think order by 100 will give an error if it isnt actually ordering anything.


Site admin

Offline

#3 2009-04-09 07:36:55

dpacmittal
Member
Registered: 2009-04-08
Posts: 5

Re: Weird SQL injection??

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'published') AND image_sort >'' ORDER BY image_sort asc' at line 1

This is the error I get.
If I put order by 100, I should get error as the column no. 100 doesn't exist. Isn't it?

Offline

#4 2009-04-09 07:53:20

t0mmy9
Administrator
Registered: 2005-01-07
Posts: 21

Re: Weird SQL injection??

True, order by 100 should produce an error. Although i think if used incorrectly, some SQL versions will create a column called 100 and ignore it.

OK, it has given you a fairly large amount of the SQL query, and if your entering a single quote (') then im guessing the SQL is being inputted here:

') AND image_sort

(after the word published) the next step is to find out which syntax you need to comment out lines, (//  /*  or  #)

If you PM me the link, I will try to get you started anyway with this



Site admin

Offline

#5 2009-04-09 07:59:10

dpacmittal
Member
Registered: 2009-04-08
Posts: 5

Re: Weird SQL injection??

yeah sure.

Offline

Board footer

Powered by FluxBB