Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- # CONFIG
- $host = 'localhost';
- $dbuser = 'root';
- $dbpass = 'password';
- $dbname = 'blind';
- #
- echo "<title>Blind SQL Injection Test D.O.M LABS 2008</title>";
- $db = mysql_connect($host, $dbuser, $dbpass);
- mysql_select_db($dbname,$db);
- $sql = "SELECT * FROM users WHERE id=".$_GET['id'];
- $query = mysql_query($sql);
- if(@mysql_num_rows($query)==0){
- die('No hay columnas');
- }
- $result=@mysql_fetch_row($query);
- echo "<h2><center><u>Blind SQL Injection Test<br>D.O.M LABS</u><br><
- br>";
- echo "<font color='#FF0000'>user_id: </font>".$result[0]."<br>";
- echo "<font color='#FF0000'>username: </font>".$result[1]."<br>";
- // echo "Password: ".$result[2]."<br>";
- echo "</h2></center>";
- die();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement