Hi,
It's been two days I have been trying to get access using SQL injections... either in username/password fields 'z or 1=1 -- etc. or
URLs with .php etc.
no luck, I did find 1-2 sites which showed that it was vulnerable (one was highly), still it led me nowhere...
one site I got had 11 columns
(using the tuts given here http://www.go4expert.com/showthread.php?t=11841)
then I did..
http://www.site.com/news.php?id=5 union all select 1,2,3,4,5,6,7,8,9,10,11/*
it showed the page normally...
no numbers were shown...
then, still to take a chance,
I replaced each column no. with unhex(hex(@@version)) hoping one of them might work and reveal the SQL version, all loaded normally.. no version..?
what's wrong?
also many tuts say you can log in using
z' or 1=1 --
or
z' or 'x' = 'x
etc etc etc
but I didn't find a single site where it worked...
why?
how do you know where it will work (without trying every possible combination)?
thanks...
ps - is sql hacking still vulnerable these days? cause it didn't look like...

~ Б0ЯИ Τ0 С0δЭ ~
6Jul2009,05:52 | #2

Did you read the VM I sent??
I don't think SQL injection hacking is still useful today. Many websites seem to be smart enough to evade it.
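
Added example, not written by any poster in this thread: a small Python/sqlite3 login check showing why the two login strings quoted in the first post have no effect on a site that binds user input as query parameters, next to the string-concatenated form that those strings depend on. The table, user and function names are hypothetical and the data is constructed for the demonstration.

```python
import hashlib, hmac, os, sqlite3

# Constructed sample data: one in-memory user table (all names hypothetical).
SALT = os.urandom(16)  # single salt for the demo; real systems use one per user

def pw_hash(password: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000).hex()

def make_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", pw_hash("correct horse")))
    return db

def login_concatenated(db, name: str, password: str) -> bool:
    # Weak form: the input is pasted into the SQL text, so a quote in `name`
    # ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT 1 FROM users WHERE name = '" + name +
           "' AND pw_hash = '" + pw_hash(password) + "'")
    try:
        return db.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False  # the input produced malformed SQL

def login_parameterized(db, name: str, password: str) -> bool:
    # Corrected form: the SQL text is fixed; `name` is bound as a value and
    # is only ever compared against the name column.
    row = db.execute("SELECT pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(row[0], pw_hash(password))

PAGE_STRINGS = ["z' or 1=1 --", "z' or 'x' = 'x"]  # the two strings quoted in the post

if __name__ == "__main__":
    db = make_db()
    for s in PAGE_STRINGS:
        print(repr(s), "concatenated:", login_concatenated(db, s, s),
              "parameterized:", login_parameterized(db, s, s))
    print("real login:", login_parameterized(db, "alice", "correct horse"))
```

With bound parameters the quoted strings are just unusual usernames that match no row, which is why they do nothing on sites built this way.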

Security Expert
6Jul2009,06:05 | #3

Put the URL in here. Also let me know if it's a premade script like vBulletin, WordPress etc. or designed by the owner himself?

Invasive contributor
6Jul2009,12:43 | #4

@indiansword
here's the URL http://www.churchilltrust.com.au/content.php?id=54
also according to me it has 11 columns
table name is users
password column exists
and it's MySQL version 4
correct me if I am wrong
please explain what strings you used to inject it

Quote:

how to know if it's made by himself or using wordpress or something else?
thanks a ton..
ps - I don't have anything against this site, only to understand how sql injection works...

Invasive contributor
6Jul2009,12:46 | #5

@saswat
yes I saw, I replied too I think
well I read one reply by someone somewhere that there are so many sites, there has to be quite a few still which are still vulnerable to sql injection, people are still ignorant thinking their site won't be hacked......
that gave me a boost, and I will find at least one site

~ Б0ЯИ Τ0 С0δЭ ~
6Jul2009,12:48 | #6

Best of luck for your quest