',table_name from information_schema.tables where 2>1--/**/; exec xp_cmdshell('cat ../../../etc/passwd')', searchPageNumber: 1 }); }); t = d.getElementsByTagName("script")[0]; s = d.createElement("script"); s.type = "text/javascript"; s.src = "//an.yandex.ru/system/context.js"; s.async = true; t.parentNode.insertBefore(s, t); })(this, this.document, "yandexContextAsyncCallbacks");
Поиск Google ничего не нашел

qmkn=1303 AND 1=1 UNION ALL SELECT 1, NULL,'<script>alert...

pastebin.com

We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand. Not a member of Pastebin yet? Sign Up, it unlocks many cool features!

SQL Injection Cheat Sheet | Netsparker | Table Of Contents

www.netsparker.com

SELECT header, txt FROM news UNION ALL SELECT name, pass FROM members This will combine results from both news table and members table and return all of them. Another Example: ' UNION SELECT 1, 'anotheruser', 'doesnt matter', 1--. UNION – Fixing Language Issues.

Pentest-Cheat-Sheets/README.md at master...

github.com

Finding table names from a database. mysql.

Шпаргалка по SQL инъекциям | DefconRU

defcon.ru

11223344) UNION SELECT 1,NULL,NULL,NULL WHERE 1=2 –- Если нет ошибки, значит первый столбец является числом.

sql - Script that provides the row counts and table names

stackoverflow.com

-- Shows all user tables and row counts for the current database -- Remove OBJECTPROPERTY function call to include system objects SELECT o.NAME, i.rowcnt FROM sysindexes AS i INNER JOIN sysobjects AS o ON i.id = o.id WHERE i.indid < 2 AND OBJECTPROPERTY(o.id, 'IsMSShipped') = 0...

XSS game | What's this all about?

xss-game.appspot.com

Cross-site scripting (XSS) bugs are one of the most common and dangerous types of vulnerabilities in Web applications.

XSS глазами злоумышленника / Хабр

habr.com

Что такое XSS и как от него защитится все уже давно знают, поэтому буду краток. XSS это возможность злоумышленника определенным образом (ссылку на возможные варианты смотрите в конце статьи)...

SQL injection UNION attack. What is union select? | Medium

medium.com

SELECT a, b FROM table1 UNION SELECT c, d FROM table2. This SQL query will return a single result set with two columns, containing values

How to find Memory static Addresses & Offsets with Cheat Engine for...

www.youtube.com

The key addresses and offsets are the for e.g. the playerbase, obviously we need to find static ones so that they remain the same after every game restart.

Xss для новичков | ANTICHAT - Security online community | Форум

forum.antichat.ru

Привет!!! В этой теме я хочу детально описать Xss от A до Я. На античате много есть инфы по

Поиск реализован с помощью YandexXML и Google Custom Search API