EvilZone
Hacking and Security => Hacking and Security => Topic started by: worf2910 on November 05, 2011, 08:42:28 AM
-
Hi!
I have the following SQL injection (Im testing it locally for my security purposes) and (argh!) it works!
index.php?lvl=categories&id=453+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+%28select+concat%280x7e%2C0x27%2Ccount%28table_name%29%2C0x27%2C0x7e%29+from+%60information_schema%60.tables+where+table_schema%3D0x6F63696D%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1
I can read my username and encrypted pwd BUT fortunately I cannot INSERT/UPDATE or DELETE anything and the password is 41 digits preceeded with an asterisk (one-way encrypton) Is there a way for someone to use this injection to change my credential? I mean, using in the query the SQL command INSERT etc...
Thank you for an answer
WORF
-
You cannot use a INSERT or UPDATE command in a SELECT query, unless the script is coded in such a way, that you can do multiple queries. In that case, all you need to do is add ; to the end of the SELECT command and enter a new one after it. But this rarely/never happens.
-
You cannot use a INSERT or UPDATE command in a SELECT query, unless the script is coded in such a way, that you can do multiple queries. In that case, all you need to do is add ; to the end of the SELECT command and enter a new one after it. But this rarely/never happens.
ok so would this work if i did this
and if so what security should i use so i dont get caught shutting down a site?
-
ok so would this work if i did this
and if so what security should i use so i dont get caught shutting down a site?
First line dident make sense.
Get yourself some non-logging private proxies. How you get them is up to you.
-
First line dident make sense.
Get yourself some non-logging private proxies. How you get them is up to you.
Would this work to hit down a website is what I mean
And how do i get a non logging proxy
-
Would this work to hit down a website is what I mean
HaHa.. now you are on complete diffrent topic. that code is not for shutting down the site.
Why don't you read some tutorial given in this forum.
And how do i get a non logging proxy
there are some threads about proxies in hacking sections. surf a bit on that.
-
HaHa.. now you are on complete diffrent topic. that code is not for shutting down the site.
Why don't you read some tutorial given in this forum.
there are some threads about proxies in hacking sections. surf a bit on that.
He is reading tutorials on forums.
If your goal is to take down a website, sqli is a very good start.
When you are lucky you can gather e.g the admin password, and try to fuck things up, or get acces to the control panels running the website.
-
How come this "SQL injection" link example is the same as one posted by Santa?
http://evilzone.org/general-discussion/sql-injection-question/msg11173/#msg11173 (http://evilzone.org/general-discussion/sql-injection-question/msg11173/#msg11173)
Looks fishy :D
-
How come this "SQL injection" link example is the same as one posted by Santa?
http://evilzone.org/general-discussion/sql-injection-question/msg11173/#msg11173 (http://evilzone.org/general-discussion/sql-injection-question/msg11173/#msg11173)
Looks fishy :D
Because I posted a topic wondering if it woul work
I dont claim anything is mine
-
How to prevent SQL injection attacks?
plz help me......
-
How to prevent SQL injection attacks?
plz help me......
How did this one get in?..
"plz" wont work very well in here, infact its reason to kill.
Learn things from the ground up, and you will know how to secure yourself against SQL injections.
-
Still one Thing I dont understand about this all is: How the hell do you give commands?
I have no idea where to put SELECT, INSERT or any other command :S
-
Still one Thing I dont understand about this all is: How the hell do you give commands?
I have no idea where to put SELECT, INSERT or any other command :S
Helps if you know MySQL or any other SQL language :P