[kylexy]

hey guys... i'm in need for some help here
i found this website with a php index page, and there's a mysql database behind it
there's a search box in it and i tried some script but it didn't work , but i was able to make an iframe and i could see the square 200x200 on screen
i mean, now that i can use iframe in this site, what can i do with it /?
i mean so is this some kind of a vulnerability ? and if so, what can i do to this site
i swear i have no black intentions, just testing my skills

[Alex.Gabriel]

You can iframe even google's search engine. If the IFramed part of that website does not contain/lead to any viruses is ok. If you want to use that search form , you can make a form in your website and post to that form then depending on how that form returns answers you can use an iframe or some code to retrieve results.

[kylexy]

... thanx Alex.Gabriel
if i may ask you sth else... what about the site's database ?
i mean, how can i get to it, sql statements i tried gave me some weird output, i have no idea what kind of query that developer wrote, but i was able to get the full path of query-processor file inside server
what should i learn to dump the database ?

[Alex.Gabriel]

You cant dump database if you don't have access to phpmyadmin(with user/password) or to an internal file writen with database info / login password/ database. If you have access to these info you can easily export database tables