EvilZone

Hacking and Security => Hacking and Security => : warres December 31, 2014, 05:30:24 PM

: Error while SQL injection.
: warres December 31, 2014, 05:30:24 PM

Hey guys , I just tried SQL injecting a website but I always keep getting this error
"Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /var/www/agit/site.php on line 422"
What does this mean ? I mean for every order by command , i get this.

Would be great if somebody helped me out here :D Sorry for being such a newb :/

: Re: Error while SQL injection.
: madf0x December 31, 2014, 06:19:34 PM

it means the resulting syntax is wrong, go back to basics, also google could have given you this answer.

: Re: Error while SQL injection.
: HexEngineer January 03, 2015, 07:47:04 PM

You could try adding -- after you query. If you aren't familiar with SQL better learn it first before start exploiting. Also mysql_fetch_assoc() is function in PHP, this is probably the most widely used programming language for back-end development it's good to learn it too.
In case you want recommendation about resources, in my opinion it depent on your experience.

P.S.
Sorry for my bad grammar.

: Re: Error while SQL injection.
: Ech0x7 January 06, 2015, 10:01:21 PM

plus from what you showed, you don't need to go worring about path discovery , as the error page is not custom.. again you do have to understand sql and its query to inject .. google is our lover , so don't be shy to use it.. p.s