Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: CommieCutter

Try SQL injection. Type a semicolon followed by SELECT * FROM USER.

If they haven’t coded to preclude it, this will cause the server to list all user information. Of course, the table name may be different. If it returns a programming error, try replacing USER with NAME or some such.


134 posted on 12/01/2013 5:29:08 PM PST by gitmo (If your theology doesn't become your biography, it's useless. huh?)
[ Post Reply | Private Reply | To 29 | View Replies ]

To: gitmo; CommieCutter

Of course, no professional would leave that door open. Only a noob would allow SQL injection into their system.


135 posted on 12/01/2013 5:30:38 PM PST by gitmo (If your theology doesn't become your biography, it's useless. huh?)
[ Post Reply | Private Reply | To 134 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson