Thanks to visit codestin.com
Credit goes to github.com

Skip to content

--base64 bug #5019

Closed
Closed
--base64 bug#5019
Labels
bug report
@the-rend

Description

@the-rend
the-rend
opened on Mar 7, 2022
sqlmap -u localhost/dashboard/?id=MTIzCg%3d%3d --base64=id -v4 --batch | grep id=
GET /dashboard/?id=MTIzCg%3d%3d HTTP/1.1
GET /dashboard/?id=MTIzCg%3d%3d HTTP/1.1
GET /dashboard/?id=NzUxMg%3D%3D HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A.%22%28%28%29%29%27%28.%29__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%27WpOXVq%3C%27%22%3EwRIMMQ__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%29%20AND%209739%3D9219%20AND%20%282086%3D2086__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%20AND%205091%3D1562__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%27%29%20AND%202095%3D4506%20AND%20%28%27ponr%27%3D%27ponr__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%27%20AND%202261%3D7930%20AND%20%27xJed%27%3D%27xJed__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%20AND%202264%3D5100--%20iMTT__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__%28SELECT%20%28CASE%20WHEN%20%281655%3D3285%29%20THEN%20%27123%0A%27%20ELSE%20%28SELECT%203285%20UNION%20SELECT%202415%29%20END%29%29__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%29%20AND%20EXTRACTVALUE%284837%2CCONCAT%280x5c%2C0x7178706a71%2C%28SELECT%20%28ELT%284837%3D4837%2C1%29%29%29%2C0x716a767871%29%29%20AND%20%282895%3D2895__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%20AND%20EXTRACTVALUE%284837%2CCONCAT%280x5c%2C0x7178706a71%2C%28SELECT%20%28ELT%284837%3D4837%2C1%29%29%29%2C0x716a767871%29%29__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%27%29%20AND%20EXTRACTVALUE%284837%2CCONCAT%280x5c%2C0x7178706a71%2C%28SELECT%20%28ELT%284837%3D4837%2C1%29%29%29%2C0x716a767871%29%29%20AND%20%28%27SkSn%27%3D%27SkSn__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%27%20AND%20EXTRACTVALUE%284837%2CCONCAT%280x5c%2C0x7178706a71%2C%28SELECT%20%28ELT%284837%3D4837%2C1%29%29%29%2C0x716a767871%29%29%20AND%20%27vmdb%27%3D%27vmdb__BOUNDED_BASE64__ HTTP/1.1
GET /dashboard/?id=__BOUNDED_BASE64__123%0A%20AND%20EXTRACTVALUE%284837%2CCONCAT%280x5c%2C0x7178706a71%2C%28SELECT%20%28ELT%284837%3D4837%2C1%29%29%29%2C0x716a767871%29%29--%20hgvU__BOUNDED_BASE64__ HTTP/1.1

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug report

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions