Author Topic: SQL injection  (Read 6173 times)

0 Members and 2 Guests are viewing this topic.

Offline worf2910

  • /dev/null
  • *
  • Posts: 9
  • Cookies: 0
    • View Profile
SQL injection
« on: November 05, 2011, 08:42:28 am »
Hi!
I have the following SQL injection (Im testing it locally for my security purposes) and (argh!) it works!

index.php?lvl=categories&id=453+and%28select+1+from%28select+count%28*%29%2Cconcat%28%28select+%28select+%28select+concat%280x7e%2C0x27%2Ccount%28table_name%29%2C0x27%2C0x7e%29+from+%60information_schema%60.tables+where+table_schema%3D0x6F63696D%29%29+from+%60information_schema%60.tables+limit+0%2C1%29%2Cfloor%28rand%280%29*2%29%29x+from+%60information_schema%60.tables+group+by+x%29a%29+and+1%3D1

I can read my username and encrypted pwd BUT fortunately I cannot INSERT/UPDATE or DELETE anything and the password is  41 digits preceeded with an asterisk (one-way encrypton) Is there a way for someone to use this injection to change my credential? I mean, using in the query the SQL command INSERT etc...

Thank you for an answer
WORF

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: SQL injection
« Reply #1 on: November 05, 2011, 04:10:22 pm »
You cannot use a INSERT or UPDATE command in a SELECT query, unless the script is coded in such a way, that you can do multiple queries. In that case, all you need to do is add ; to the end of the SELECT command and enter a new one after it. But this rarely/never happens.
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline Santa

  • Serf
  • *
  • Posts: 27
  • Cookies: -9
  • shit happens
    • View Profile
Re: SQL injection
« Reply #2 on: November 06, 2011, 06:47:14 pm »
You cannot use a INSERT or UPDATE command in a SELECT query, unless the script is coded in such a way, that you can do multiple queries. In that case, all you need to do is add ; to the end of the SELECT command and enter a new one after it. But this rarely/never happens.

ok so would this work if i did this

and if so what security should i use so i dont get caught shutting down a site?

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: SQL injection
« Reply #3 on: November 06, 2011, 08:39:46 pm »
ok so would this work if i did this

and if so what security should i use so i dont get caught shutting down a site?

First line dident make sense.

Get yourself some non-logging private proxies. How you get them is up to you.
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline Santa

  • Serf
  • *
  • Posts: 27
  • Cookies: -9
  • shit happens
    • View Profile
Re: SQL injection
« Reply #4 on: November 06, 2011, 10:00:46 pm »
First line dident make sense.

Get yourself some non-logging private proxies. How you get them is up to you.

Would this work to hit down a website is what I mean

And how do i get a non logging proxy

Offline iAmLuFFy

  • Knight
  • **
  • Posts: 226
  • Cookies: 6
  • i aM MoDiFiEr nOt A cReAtOr
    • View Profile
Re: SQL injection
« Reply #5 on: November 06, 2011, 10:18:18 pm »
Would this work to hit down a website is what I mean

HaHa.. now you are on complete diffrent topic. that code is not for shutting down the site.
 
Why don't you read some tutorial given in this forum.
 
And how do i get a non logging proxy

there are some threads about proxies in hacking sections. surf a bit on that.
 
 
iAmLuFFy

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: SQL injection
« Reply #6 on: November 06, 2011, 10:38:43 pm »

HaHa.. now you are on complete diffrent topic. that code is not for shutting down the site.
 
Why don't you read some tutorial given in this forum.
 
there are some threads about proxies in hacking sections. surf a bit on that.
 
 
He is reading tutorials on forums.
If your goal is to take down a website, sqli is a very good start.
When you are lucky you can gather e.g the admin password, and try to fuck things up, or get acces to the control panels running the website.
~Factionwars

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: SQL injection
« Reply #7 on: November 06, 2011, 10:52:32 pm »
How come this "SQL injection" link example is the same as one posted by Santa?
http://evilzone.org/general-discussion/sql-injection-question/msg11173/#msg11173

Looks fishy :D

Offline Santa

  • Serf
  • *
  • Posts: 27
  • Cookies: -9
  • shit happens
    • View Profile
Re: SQL injection
« Reply #8 on: November 06, 2011, 10:55:09 pm »
How come this "SQL injection" link example is the same as one posted by Santa?
http://evilzone.org/general-discussion/sql-injection-question/msg11173/#msg11173

Looks fishy :D

Because I posted a topic wondering if it woul work
I dont claim anything is mine

Offline Kevin

  • NULL
  • Posts: 3
  • Cookies: 0
    • View Profile
Re: SQL injection
« Reply #9 on: November 24, 2011, 02:55:26 pm »
How to prevent SQL injection attacks?
plz help me......

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: SQL injection
« Reply #10 on: November 24, 2011, 03:06:16 pm »
How to prevent SQL injection attacks?
plz help me......

How did this one get in?..

"plz" wont work very well in here, infact its reason to kill.

Learn things from the ground up, and you will know how to secure yourself against SQL injections.
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline Huntondoom

  • Baron
  • ****
  • Posts: 856
  • Cookies: 17
  • Visual C# programmer
    • View Profile
Re: SQL injection
« Reply #11 on: November 24, 2011, 10:57:51 pm »
Still one Thing I dont understand about this all is: How the hell do you give commands?
I have no idea where to put SELECT, INSERT or any other command :S
Aslong as you are connected to the internet, you'll have no privacy

Advanced Internet Search
Clean Up!

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: SQL injection
« Reply #12 on: November 25, 2011, 09:56:14 am »
Still one Thing I dont understand about this all is: How the hell do you give commands?
I have no idea where to put SELECT, INSERT or any other command :S

Helps if you know MySQL or any other SQL language :P
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true