setokaiba Posted January 16, 2006 Share Posted January 16, 2006 It is possible bilding fix SQL-Inj № 1' date='2,3 but № 4,5,6,7,8 - it is impossible bild fix [/quote'] what is 1,2,3,4 blah blah. wow 8 different injections? lol :lol: you got to be kidding :P :lol: <font,rus>Ну и тупой же ты буржуй.... Я думал Что америкосы тупые до бескрайности но оказывается нетак(шутка).</rus> Stupid... Stupid maxtor.... Подразумевается вариации уколов...Ну не в одну же жопу колоть? Укол 1 - команда+"Укол" Укол 2 - Хелп + "Укол" Укол 3 - BнуTре cиcтемныe измeнeния oблacти кoмaнд... -> "PlayHack" Все остальные не раскрываются дабы кто другой недогадался до Этого - профиксить невозможно. даже мелкософт СдохнИт от уколов.... dont need translator to understand this grrrrr Link to comment Share on other sites More sharing options...
fiend Posted January 16, 2006 Share Posted January 16, 2006 Укол 1 - команда+"Укол" Укол 2 - Хелп + "Укол" Укол 3 - BнуTре cиcтемныe измeнeния oблacти кoмaнд... -> "PlayHack" for all who don't speak language that Lenin spoke )) tr-sion: injection 1 - command and "injection" injection 2 - Help + "injection" injection 3 - system internal changes of the command field ... -> "PlayHack" .... suppose he meant that the meaning of "injection" is pretty flexible ... not exact "injection" .... at least in/and for Russian ;0) ... inspiration + brain ... heh, greate cocktail ) and in the end it's told, that other possible "injections" are not revealed, 'cause as long as it's not revealed it's impossible to be fixed ... heh /sorry for maybe bad not native language .... I'm Russian )) / P.S. Dark Beer rules the wold ))) Link to comment Share on other sites More sharing options...
fiend Posted January 16, 2006 Share Posted January 16, 2006 offtop 2 S.T.A.L.K.E.R забавная картинка ... а что, ужель ещё молодеШь узнаёт эти лица? ) Link to comment Share on other sites More sharing options...
Francislaremote Posted January 16, 2006 Share Posted January 16, 2006 Thanks fiend Link to comment Share on other sites More sharing options...
freezonix Posted January 17, 2006 Share Posted January 17, 2006 ух ты млять........................ ноу комментс только картинка понравилась :) Link to comment Share on other sites More sharing options...
arielsat Posted January 18, 2006 Share Posted January 18, 2006 "Все остальные не раскрываются дабы кто другой недогадался до Этого - профиксить невозможно. даже мелкософт СдохнИт от уколов...." :-) :-) :-) p.s. it's true , the current technology of all database software is a old , all database servers can be exploited little tips: search with artmoney this string UPDATE or INTO and you look other possible sql injection's way sry , for my bad english , if wanna delete post Link to comment Share on other sites More sharing options...
Maxtor Posted January 18, 2006 Share Posted January 18, 2006 try to speak english, and edit your posts if its possible. Link to comment Share on other sites More sharing options...
Francislaremote Posted January 19, 2006 Share Posted January 19, 2006 I can shutdown (it doesn't really shutdown, the login server crash) the server where I play with the sql injection in the help file but I can't do the other things (like make gm or create item, delete my own char ...) Anyone have a tip for me ? Link to comment Share on other sites More sharing options...
Caesar32 Posted January 20, 2006 Share Posted January 20, 2006 tell me how you shutdown the server, & maybe i can tell you another things _______________________ Sorry for my english Link to comment Share on other sites More sharing options...
Francislaremote Posted January 20, 2006 Share Posted January 20, 2006 nothing new : bypass -h _bbsaddfav_'SHUTDOWN-- in help file http://www.maxbastards.gr/portal/viewtopic.php?t=302 Link to comment Share on other sites More sharing options...
setokaiba Posted January 20, 2006 Share Posted January 20, 2006 offtop 2 S.T.A.L.K.E.R забавная картинка ... а что' date=' ужель ещё молодеШь узнаёт эти лица? )[/quote'] OFF TOP:да картинката е забавная and СССР 4 ever sorry for off Link to comment Share on other sites More sharing options...
S.T.A.L.K.E.R. Posted January 24, 2006 Share Posted January 24, 2006 search with artmoney this string UPDATE or INTO and you look other possible sql injection's way Есть контакт =)))... укол №5 тока применение вручную... пределаем своё окошко с командами и немного потерраризируем сервак :) если всё делать вручную то это всёже можно фиксануть... а вот если отключив контроллер, засунуть укол в ....... то получится прям таки "пАнель запуска термоядерных рАкет" :lol: Link to comment Share on other sites More sharing options...
gostoso Posted January 24, 2006 Share Posted January 24, 2006 Where can i find artmoney ? Link to comment Share on other sites More sharing options...
Maxtor Posted January 24, 2006 Share Posted January 24, 2006 Where can i find artmoney ? http://www.artmoney.ru/e_download.htm Link to comment Share on other sites More sharing options...
Maxtor Posted January 25, 2006 Share Posted January 25, 2006 search with artmoney this string UPDATE or INTO and you look other possible sql injection's way Есть контакт =)))... укол №5 тока применение вручную... пределаем своё окошко с командами и немного потерраризируем сервак :) если всё делать вручную то это всёже можно фиксануть... а вот если отключив контроллер' date=' засунуть укол в ....... то получится прям таки "пАнель запуска термоядерных рАкет" :lol:[/quote'] so you mean sql injection via memory editing, its method №5 right? (1st post updated) Link to comment Share on other sites More sharing options...
Recommended Posts