Posts: 4192 Location: The Netherlands Joined: 14.04.07 Rank: God Warn Level: 90
Posted on 03-12-07 10:26
You should code some PHP. Here, an example:
SELECT $cookievalue FROM example_table
If you brush up your PHP skills you will get it.
"The chowner of property." - Zeph
“Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.” - Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
RE: Cookie poisoning as in Basic20 (Basic20-spoiler)
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 03-12-07 19:07
That's the part I did understand
But but but..
Is it like this?
- Login using MySQL;
- Set 'whoami' in cookie;
- Check the value on 'whoami' and display data based on this intel (You are logged in as)
SELECT * FROM ... WHERE user='$cookievalue'OR'1'='1'
Something like that?
Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.