SQL Injection Help!!

mayjune's Avatar, Join Date: Jun 2009
Invasive contributor
Hi,
Its been two days i have been trying to get access using sql injections... either in username password fields 'z or 1=1 -- etcs or
urls with .php etc
no luck, i did find 1-2 sites which showed that it was vulnerable (one was highly) still it lead me no where...
one site i got it had 11 coloumns
(using the tuts given here http://www.go4expert.com/showthread.php?t=11841)
then i did..
http://www.site.com/news.php?id=5 union all select 1,2,3,4,5,6,7,8,9,10,11/*
it showed the page normally...
no numbers were shown...
then stil to take chance
i replaced each coloumn no. with unhex(hex(@@version)) hoping one of them might work and reveal the sql version, all loaded normally..no version..?
whats wrong?

also many tuts say you can login using
z' or 1=1 --
or
z' or 'x' = 'x
etc etc etc
but i didnt find a single site where it worked...
why?
how do you know where it will work (without trying every possible combination) ?
thanks...

ps - is sql hacking still vulnerable these days? cause it didn't look like...
0
SaswatPadhi's Avatar, Join Date: May 2009
~ Б0ЯИ Τ0 С0δЭ ~
Did you read the VM, I sent ??

I don't think SQL injection hacking is still useful today. Many websites seem to be smart enough to evade it.
0
indiansword's Avatar, Join Date: Oct 2008
Security Expert
Put the URL in here. Also let me know if its a premade script like vbulletin, wordpress etc. or designed by owner himself?
0
mayjune's Avatar, Join Date: Jun 2009
Invasive contributor
@indiansword
here's the url
http://www.churchilltrust.com.au/content.php?id=54
also according to me
it has 11 coloumns
table name is users
password coloumn exists
and its mysql version 4
correct me if i am wrong
please explain what strings you used to inject it
Quote:
Also let me know if its a premade script like vbulletin, wordpress etc. or designed by owner himself?
i saw many other vbulletins, do they have some other specific loopholes? how to check if they have?
how to know if its made by himself or using wordpress or something else?
thanks a ton..
ps - i don't have anything against this site, only to understand how sql injection works...
0
mayjune's Avatar, Join Date: Jun 2009
Invasive contributor
@saswat
yes i saw, i replied too i think
well i read one reply by someone somewhere that there are so many sites, there has to be quite a few still which are still vulnerable to sql injection, people are still ingnorant thinking there site won't be hacked......
that gave me a boost, and i will find atleast one site
0
SaswatPadhi's Avatar, Join Date: May 2009
~ Б0ЯИ Τ0 С0δЭ ~
Best of luck for your quest