WELCOME TO CYBER NINJAS OFFICIAL BLOG! BROWSE GREAT POST ABOUT TECH , GADGETS AND MANY MORE THANKS FOR VISITING!

Sunday, 22 February 2015

MySQL injection (Step2) - How to find Vuln Column Using Union Method


HOW TO FIND VULN COLUMN TUT PART-3
----------------------------------------------------

RECALL - In the 1st post we learned how to find a vulnerable site.

RECALL - In the second post we learned how to find how many columns there are, using the ORDER BY method.

Next step: now we will find the vulnerable column of the vulnerable site. Don't be confused that the same method seems to be used twice.
There are two steps to finding the vulnerable column: first you have to find how many columns the site has, and then, to confirm how many columns there are, we need to use the "union select" method.

1st post- click here

2nd post- click here

Site - we will practise on this site:
http://www.skitm.edu.in/faculty.php?id=2

Going step by step: first, we learned how to find out whether the site is vulnerable or not.
There we used a request like this:

http://www.skitm.edu.in/faculty.php?id=2'

Getting an SQL error? That means this site is vulnerable.

#2nd post
In the second step, what did we learn? We learned how to find the number of columns, like this:

 http://www.skitm.edu.in/faculty.php?id=2 order by 3

#3rd step: finding the vulnerable column. Both steps deal with columns, but to see the vulnerable column on screen we first need the ORDER BY result, as shown in the screenshot.

Here are the steps:

 1) Do you remember that when we injected this site, the last error came at 3? That means there are 2 columns. Now, to display on screen which columns are vulnerable, we have to use the following query:


 http://www.skitm.edu.in/faculty.php?id=-2 union select 1,2--
What have I changed in this URL?

=> After the id= parameter I haven't changed anything, except that I have put a '-' sign in front of the value. When using union select, always remember to put that sign before the parameter value.

How do we know that we have to use union select 1,2?

=> We first have to use the ORDER BY method. Once we know the number of columns, we use that many values in the union select.
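Why these requests behave the way they do, and what removes the behaviour, shown as an added example (not code from this blog or from the sites it names): a local in-memory SQLite table stands in for the two-column query behind faculty.php, and the table name, rows and function names are assumptions made for the illustration.

```python
import sqlite3

def make_db():
    # Constructed stand-in for the two-column table behind faculty.php?id=
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE faculty (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO faculty VALUES (?, ?)", [(1, "Alice"), (2, "Bob")])
    return db

def lookup_vulnerable(db, raw_id):
    # Root cause: the request value is concatenated into the SQL text.
    return db.execute("SELECT id, name FROM faculty WHERE id=" + raw_id).fetchall()

def lookup_hardened(db, raw_id):
    # Fix: reject anything that is not a plain integer, then bind it as data.
    if not (raw_id.isascii() and raw_id.isdigit()):
        return []
    return db.execute("SELECT id, name FROM faculty WHERE id=?", (int(raw_id),)).fetchall()

def outcome(fn, db, raw_id):
    # Report the rows, or the fact that the database raised an error.
    try:
        return fn(db, raw_id)
    except sqlite3.Error:
        return "sql error"

# id values of the kind used in this series, in order.
PAGE_INPUTS = ["2", "2'", "2 order by 2", "2 order by 3", "-2 union select 1,2--"]

def compare():
    db = make_db()
    return {v: (outcome(lookup_vulnerable, db, v), outcome(lookup_hardened, db, v))
            for v in PAGE_INPUTS}

if __name__ == "__main__":
    for value, (vuln, hard) in compare().items():
        print(f"{value!r:26} vulnerable={vuln!r:18} hardened={hard!r}")
```

With the concatenated query the database either errors or returns the injected row; with validation plus a bound parameter every non-integer value returns nothing and no SQL error reaches the page.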
Example:
Site - http://www.calidus.ro/
Vulnerable page - http://www.calidus.ro/en/news.php?id=2
When you check for the vulnerable column, you will see a number on screen such as 1, 2 or 3, a single digit.
Another example:
http://www.calidus.ro/en/news.php…
I got the last error at 5, so I know there are 4 columns. I used union select 1,2,3,4 and on screen I saw that the vulnerable column is column 2.

#Remember: when you use the ORDER BY method and get the column count, use that count for the values in union select.

Hope you understand.
 #Feel free to ask for help.
Post a challenge about finding only the vulnerable column; it will help you learn more easily.
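The three request shapes used in this series (a trailing quote, ORDER BY with a number, UNION SELECT with a list of numbers) leave a recognisable trail in web server logs. The following is an added example, not part of the original post: a small log scanner run over constructed access-log lines, where the IP addresses, paths and stage names are assumptions.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines (documentation-range IPs, hypothetical paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [22/Feb/2015:10:00:01 +0000] "GET /faculty.php?id=2 HTTP/1.1" 200 5120',
    '198.51.100.9 - - [22/Feb/2015:10:00:05 +0000] "GET /faculty.php?id=2%27 HTTP/1.1" 200 812',
    '198.51.100.9 - - [22/Feb/2015:10:00:09 +0000] "GET /faculty.php?id=2+order+by+3 HTTP/1.1" 200 812',
    '198.51.100.9 - - [22/Feb/2015:10:00:14 +0000] "GET /faculty.php?id=-2%20UNION%20SELECT%201,2-- HTTP/1.1" 200 4990',
    '203.0.113.7 - - [22/Feb/2015:10:00:20 +0000] "GET /news.php?title=order+by+phone HTTP/1.1" 200 3300',
]

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) HTTP/[\d.]+"')
STAGES = [
    ("quote_probe", re.compile(r"=-?\d+'")),
    ("order_by_count", re.compile(r"\border\s+by\s+\d+", re.I)),
    ("union_select_marker", re.compile(r"\bunion\s+(?:all\s+)?select\s+\d+(?:\s*,\s*\d+)*", re.I)),
]

def classify(url):
    # Decode the query string once, then test it against each stage pattern.
    query = unquote_plus(url.partition("?")[2])
    return [name for name, rx in STAGES if rx.search(query)]

def scan(lines):
    # Map client IP -> probe stages seen, in the order they arrived.
    seen = {}
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        for stage in classify(m.group(2)):
            seen.setdefault(m.group(1), []).append(stage)
    return seen

def suspicious_clients(lines, min_stages=2):
    # A client that walks through several stages is enumerating columns.
    return sorted(ip for ip, st in scan(lines).items() if len(set(st)) >= min_stages)

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
    print(suspicious_clients(SAMPLE_LOG))
```

Pattern matching like this is a triage aid for logs and WAF rules; the fix for the underlying flaw is still parameterized queries.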
