How To Cheeck blind SqL IN Lava?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    How To Cheeck blind SqL IN Lava?

    Plz share the code by which i can cheeck it...

    #2
    There is nothing to share, read and learn one thing after other...
    You can start with this: http://coding-talk.com/f19/sql-injection-16751/
    <!DOCTYPE html PUBLIC "-//WAPFORUM.RS

    Comment


      #3
      just try to put it in your core
      Code:
      function cleanInput($text) {
       
      $search = array(
          '@<script[^>]*?>.*?</script>@si',   // Strip out javascript
          '@<[\/\!]*?[^<>]*?>@si',            // Strip out HTML tags
          '@<style[^>]*?>.*?</style>@siU',    // Strip style tags properly
          '@<![\s\S]*?--[ \t\n\r]*>@'         // Strip multi-line comments
      );
       
          $output = preg_replace($search, '', $text);
          return $output;
      }
      function sanitize($text) {
          if (is_array($text)) {
              foreach($text as $var=>$val) {
                  $output[$var] = sanitize($val);
              }
          }
          else {
              if (get_magic_quotes_gpc()) {
                  $text = stripslashes($text);
              }
              $text  = cleanInput($text);
              $output = mysql_real_escape_string($text);
          }
          return $output;
      }
      function safe($text)
      {
      $safe = stripslashes($text);
      if(function_exists("mysql_real_escape_string"))
      {
      $safe = mysql_real_escape_string($safe);
      }else if(function_exists("mysql_escape_string"))
      {
      $safe = mysql_escape_string($safe);
      }
      return $safe;
      }
      And sanititze all user inputs like this
      Code:
      $page = sanitize(cleanInput($_GET["page"]));
      $who = sanitize(cleanInput($_GET["who"]));
      just try this than n0thing at all

      Comment

      Working...
      X