| Author |
Help with SQL Injetion Attack |
350z
Member
Posts: 3
Location:
Joined: 22.12.08
Rank: Newbie |
|
Hi I'm helping a friend secure his site:
Read the fucking rules. - Zeph
on the search for a carpool page if you enter: ' or 1=1-- into both fields every entry shows up. I'm not sure if this means it is vulnerable or not. What types of attacks could be harmful and how much damage could they cause.
Thanks
Edited by Zephyr_Pure on 24-12-08 02:05 |
|
| Author |
RE: Help with SQL Injetion Attack |
harry_potter28
Member
Posts: 167
Location:
Joined: 11.09.08
Rank: HBH Guru |
|
search for "sql injection attacks" in google n u will get what u want  |
 
|
| Author |
RE: Help with SQL Injetion Attack |
350z
Member
Posts: 3
Location:
Joined: 22.12.08
Rank: Newbie |
|
|
already did. a lot of that wasn't working for me. |
|
|
| Author |
RE: help arrives |
d0m14n
Member
Posts: 40
Location: Hell
Joined: 28.10.08
Rank: Monster |
|
here check this out put this in the url
http://127.0.0.1/
thats gonna tell you all you need to know about sql injection attacks  dude
insecurity at its best
Lead, follow, or get the
* fuck out of the way.
(\_/)
(='.' )
(" )_(" )
^^ Add the bunny to your sig, one day he will rule the world!
Comptia a+/Net+
perl,html,c#,c++,visualbasic.net,
 |
|
|
| Author |
RE: Help with SQL Injetion Attack |
clone4
Member
Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank: God |
|
|
350z wrote:
already did. a lot of that wasn't working for me.
well check articles here, and if that won't work for you either, there's no hope left
btw not the most wise thing to post url on a server that runs brutally out dated services
[img][/img]
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl
|
|
|
| Author |
RE: Help with SQL Injetion Attack |
350z
Member
Posts: 3
Location:
Joined: 22.12.08
Rank: Newbie |
|
I've looked through most articles on here and on google. I'll try some of the different stuff they say, but I'm not getting any further than making all the entries show up.
How can you tell what software the server is running and what exploits could be done through that.
oh and btw he says if someone from this site hacks his site they get $10 and another $20 if they tell him how. |
|
|
| Author |
RE: ok |
d0m14n
Member
Posts: 40
Location: Hell
Joined: 28.10.08
Rank: Monster |
|
have him email me a contract with proof he own it and ill root it for him and explain step by step how i did it for 4 the 20 and i want it to be donated to hbh.org
insecurity at its best
Lead, follow, or get the
* fuck out of the way.
(\_/)
(='.' )
(" )_(" )
^^ Add the bunny to your sig, one day he will rule the world!
Comptia a+/Net+
perl,html,c#,c++,visualbasic.net,
|
|
|
| Author |
RE: Help with SQL Injetion Attack |
bl4ckc4t
Member
Posts: 591
Location: /etc/
Joined: 07.03.06
Rank: HBH Guru |
|
Check out System Meltdown's podcast.
Google will help you with that.... and demonoid.
Bl4ckC4t
|
|
|
| Author |
RE: Help with SQL Injetion Attack |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
Great... another "hey, my friend has this site and will pay whoever to show me how to hack it" thread. If you want to learn how to exploit a site, read up on the topic and ask specific questions. Don't offer money for people to spoonfeed your ass because we know you're bullshitting on the money promise. Everyone does.
Lock.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
Main:
