0
Suppose that i found site has gt an sql injected site ... how can I show thae name of the tables?
3 Antworten
+ 3
Don't do it.
Inform the webmaster of the page and mark it as done else your pretty likely going to jail for that shit
+ 1
You inject a `SHOW TABLES;`.
It really depends on what SQL server they use and what the website looks like so you can get it to display.
But yeah, you should probably be nice and send the guys an email.
0
To know that there is an sqli vuln i must inject payload like select to know if this input has got this vuln or not ...so .... and suppose that i see thae database...what is the problem of this?? I will not steal them☺
I will tell the webmaster of course