1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SQL Injection Help!!

Discussion in 'Ethical hacking' started by mayjune, Jul 5, 2009.

  1. mayjune

    mayjune New Member

    Joined:
    Jun 14, 2009
    Messages:
    817
    Likes Received:
    33
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Pune,Delhi
    Hi,
    Its been two days i have been trying to get access using sql injections... either in username password fields 'z or 1=1 -- etcs or
    urls with .php etc
    no luck, i did find 1-2 sites which showed that it was vulnerable (one was highly) still it lead me no where...
    one site i got it had 11 coloumns
    (using the tuts given here http://www.go4expert.com/showthread.php?t=11841)
    then i did..
    http://www.site.com/news.php?id=5 union all select 1,2,3,4,5,6,7,8,9,10,11/*
    it showed the page normally...
    no numbers were shown...
    then stil to take chance
    i replaced each coloumn no. with unhex(hex(@@version)) hoping one of them might work and reveal the sql version, all loaded normally..no version..?
    whats wrong?

    also many tuts say you can login using
    z' or 1=1 --
    or
    z' or 'x' = 'x
    etc etc etc
    but i didnt find a single site where it worked...
    why?
    how do you know where it will work (without trying every possible combination) ?
    thanks...

    ps - is sql hacking still vulnerable these days? cause it didn't look like...
     
  2. SaswatPadhi

    SaswatPadhi ~ Б0ЯИ Τ0 С0δЭ ~

    Joined:
    May 5, 2009
    Messages:
    1,343
    Likes Received:
    55
    Trophy Points:
    0
    Occupation:
    STUDENT !
    Location:
    Orissa, INDIA
    Home Page:
    Did you read the VM, I sent ??

    I don't think SQL injection hacking is still useful today. Many websites seem to be smart enough to evade it.
     
  3. indiansword

    indiansword Security Expert

    Joined:
    Oct 19, 2008
    Messages:
    496
    Likes Received:
    36
    Trophy Points:
    0
    Occupation:
    Operation Planner for 3 Australia
    Home Page:
    Put the URL in here. Also let me know if its a premade script like vbulletin, wordpress etc. or designed by owner himself?
     
  4. mayjune

    mayjune New Member

    Joined:
    Jun 14, 2009
    Messages:
    817
    Likes Received:
    33
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Pune,Delhi
    @indiansword
    here's the url
    http://www.churchilltrust.com.au/content.php?id=54
    also according to me
    it has 11 coloumns
    table name is users
    password coloumn exists
    and its mysql version 4
    correct me if i am wrong
    please explain what strings you used to inject it
    i saw many other vbulletins, do they have some other specific loopholes? how to check if they have?
    how to know if its made by himself or using wordpress or something else?
    thanks a ton..
    ps - i don't have anything against this site, only to understand how sql injection works...
     
  5. mayjune

    mayjune New Member

    Joined:
    Jun 14, 2009
    Messages:
    817
    Likes Received:
    33
    Trophy Points:
    0
    Occupation:
    Student
    Location:
    Pune,Delhi
    @saswat
    yes i saw, i replied too i think
    well i read one reply by someone somewhere that there are so many sites, there has to be quite a few still which are still vulnerable to sql injection, people are still ingnorant thinking there site won't be hacked......
    that gave me a boost, and i will find atleast one site :)
     
  6. SaswatPadhi

    SaswatPadhi ~ Б0ЯИ Τ0 С0δЭ ~

    Joined:
    May 5, 2009
    Messages:
    1,343
    Likes Received:
    55
    Trophy Points:
    0
    Occupation:
    STUDENT !
    Location:
    Orissa, INDIA
    Home Page:
    Best of luck for your quest :)
     

Share This Page