Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking (http://www.go4expert.com/forums/ethical-hacking-forum/)
-   -   SQL Injection Help!! (http://www.go4expert.com/forums/sql-injection-help-t18366/)

mayjune 6Jul2009 04:03

SQL Injection Help!!
 
Hi,
Its been two days i have been trying to get access using sql injections... either in username password fields 'z or 1=1 -- etcs or
urls with .php etc
no luck, i did find 1-2 sites which showed that it was vulnerable (one was highly) still it lead me no where...
one site i got it had 11 coloumns
(using the tuts given here http://www.go4expert.com/showthread.php?t=11841)
then i did..
http://www.site.com/news.php?id=5 union all select 1,2,3,4,5,6,7,8,9,10,11/*
it showed the page normally...
no numbers were shown...
then stil to take chance
i replaced each coloumn no. with unhex(hex(@@version)) hoping one of them might work and reveal the sql version, all loaded normally..no version..?
whats wrong?

also many tuts say you can login using
z' or 1=1 --
or
z' or 'x' = 'x
etc etc etc
but i didnt find a single site where it worked...
why?
how do you know where it will work (without trying every possible combination) ?
thanks...

ps - is sql hacking still vulnerable these days? cause it didn't look like...

SaswatPadhi 6Jul2009 05:52

Re: SQL Injection Help!!
 
Did you read the VM, I sent ??

I don't think SQL injection hacking is still useful today. Many websites seem to be smart enough to evade it.

indiansword 6Jul2009 06:05

Re: SQL Injection Help!!
 
Put the URL in here. Also let me know if its a premade script like vbulletin, wordpress etc. or designed by owner himself?

mayjune 6Jul2009 12:43

Re: SQL Injection Help!!
 
@indiansword
here's the url
http://www.churchilltrust.com.au/content.php?id=54
also according to me
it has 11 coloumns
table name is users
password coloumn exists
and its mysql version 4
correct me if i am wrong
please explain what strings you used to inject it
Quote:

Also let me know if its a premade script like vbulletin, wordpress etc. or designed by owner himself?
i saw many other vbulletins, do they have some other specific loopholes? how to check if they have?
how to know if its made by himself or using wordpress or something else?
thanks a ton..
ps - i don't have anything against this site, only to understand how sql injection works...

mayjune 6Jul2009 12:46

Re: SQL Injection Help!!
 
@saswat
yes i saw, i replied too i think
well i read one reply by someone somewhere that there are so many sites, there has to be quite a few still which are still vulnerable to sql injection, people are still ingnorant thinking there site won't be hacked......
that gave me a boost, and i will find atleast one site :)

SaswatPadhi 6Jul2009 12:48

Re: SQL Injection Help!!
 
Best of luck for your quest :)


All times are GMT +5.5. The time now is 11:29.