Hard Waf Bypassed 2016 – SQLi Basic

Hi,
My Facebook Link: https://www.facebook.com/shaifullah01
site: http://www.gruporosul.com
My Blog: http://sqli-basic.blogspot.com/

I am Black_EyE from Bangladesh.
#** This Video Only for Education Purpose.**#

I am Shaifullah from Bangladesh.
My Hex Name is Black_EyE
Now I am crew at Cyber TeamRox
Today I wanna Show you to Hard Waf Bypassed on a challenge 😀
Easy Challenge 🙂
http://www.gruporosul.com/interior.php?id=197
 *  Union Base   Get Method  
 *  Injector Name , version , user, database , hostname , symlink , bit , filesystem , macaddress
 ~  Solvers  ~

It’s also challenge Solution 😀

Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in /home/linkestu/public_html/cms/_includes/conexion.php on line 43

Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in /home/linkestu/public_html/cms/_includes/conexion.php on line 43

This SQLi also called boolean based SQL injection
Fixed 😀
Warning: mysql_fetch_row() expects parameter 1 to be resource, boolean given in /home/linkestu/public_html/cms/_includes/conexion.php on line 43
Online Error
We needed to find Two line Error 😀
17 Columns 😀

www.gruporosul.com
owner has denied your access to the site.

SiteLock Incident ID 86000940090179800-207747580998059497
Your IP Address 159.253.145.150
Proxy IP 149.126.72.86
Proxy ID 1086
Server IP N/A
Error Code 15
Error Name Security error (code 15)
Error Description This request was blocked by the security rules
My IP Blocked
:v

Today I Wanna show you 2/3 Method waf bypass method in UnioN
Not be fixed :
Go to 1st Method to bypass this shit 😀 using e0 & BOF method 😀

Yeahoo!!! We success to bypass 😀
Now we go to 2nd method to bypassed 😀
now we going to solve all in challenge 😀

 *  Injector Name , version , user, database , hostname , symlink , bit , filesystem , macaddress

Challenge Link: http://pastebin.com/raw/qudnALcq

Our Challenge Solve 😀
Now We get print table & column 😀

Inject Link: http://pastebin.com/raw/KVriu9gL

Injected By BlAcK_EyE
Version :: 5.5.48-37.8
User :: linkestu_newros@localhost
Database :: linkestu_rosul
Host Name :: rondo.websitewelcome.com
Symlink :: YES
Bit :: x86_64
File System :: binary
MAC Address :: 4a66490f-7282-11e6-9f2b-525400884862
•  cms_category ::: id,
•  cms_category ::: nombre,
•  cms_category ::: orden,
•  cms_category ::: descripcion,
•  cms_category ::: descripcion2,
•  cms_category ::: imagen,
•  cms_category ::: imagen1,
•  cms_category ::: imagen3,
•  cms_category ::: father,
•  cms_category_ingles ::: id,
•  cms_category_ingles ::: nombre,
•  cms_category_ingles ::: orden,
•  cms_category_ingles ::: descripcion,
•  cms_category_ingles ::: imagen,
•  cms_category_ingles ::: father,
•  cms_content ::: id,
•  cms_content ::: titulo,
•  cms_content ::: banos,

We Successfully Bypassed All 😀
Thanking for watch my Video
Please Subscribe my Channel & like my Videos 😀
Allah Hafez 😀
Take Care 😀
Happy Injecting

All are text I put in the Description 😀
Stay with me 😀

**** all query I posted in videos description.
**** Please stay with me, subscribe, like & share my video if you are **** interested & get some knowledge.

My Facebook Link: https://www.facebook.com/shaifullah01
My Blog: http://sqli-basic.blogspot.com/

%%%%%%%%% Knowledge Should be Free %%%%%%%%%

It’s an Online It Section
Please Subscribe us.




Leave a Reply

Your email address will not be published. Required fields are marked *

Name *
Email *
Website