Donate to us via Paypal!
Your life is ending one minute at a time. If you were to die tomorrow, what would you do today?
Friday, April 23, 2021
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 112
Guests Online: 110
Members Online: 2

Registered Members: 135601
Newest Member: mathewhogg
Latest Articles

View Thread

HellBound Hackers | Computer General | Hacking in general

Author

>> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-09-06 10:11
As the title suggests, I'm looking for someone who's knowledge is extensive in SQL Injection. This is not a request to find someone to hack some site for me....

I'm developing a software that deals in this area. 70-80% of it I'd say is done, I've waited till I coded a large percent of it until I posted here.

Program Info:
Coded in 100% managed C#.Net
As of now it is being compiled on .NET 2.0 Framework, but with the intention of being backward compatible to 1.0/1.1. I will compile for those frameworks, upon completion.

Requirements:
I'm looking for someone who truly understands SQL weaknesses and how to exploit them. Don't think you're a guru, just because your title says so on HBH. lol. I have some knowledge and have been doing research, but I need an expert, to help write exploits and such.

Knowledge needed:
Basic SQL Inj.
Blind Injection.
Redirection/Reshape query attacks.
UNION SELECT exploits.

It would also be helpful if you knew some kind of programming, does not need to be c#, I know many languages. If you know any of: php, vb, c++, java, or any .NET would be great. I know little perl, but its not hard to understand, so if thats your main language, I'm sure its workable...

But for the main part, I need you to handle researching and writing sql exploits, how to detect if sites are vulnerable (ie. do you receive any errors upon injection, are we redirected, etc etc).

I have already programmed several arrays filled with database table names, composed of the most common names, all names found on forums, members areas, users, form data variables. This will all be at your fingertips to work with. I will explain more in private.

I haven't decided if this will be freeware/open source or shareware yet, but if any money $ is made, we will work out an agreement on paper about your percentage.

I'm very easy to work with ... very dedicated. Very relaxed, so if you think you'd like to work on a project like this, just send me a message or post a reply.


Screenshots: (So you know this isn't BS) lol
tws.serveftp.org/sqlexploiter/preview/SQLeXploiter_1.jpg
tws.serveftp.org/sqlexploiter/preview/SQLeXploiter_2.jpg



Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-09-06 11:09
PM me or contact me on MSN/AIM


Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-09-06 11:09
Sorry double post




Edited by on 07-09-06 11:09
Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!

Mr_Cheese
Member



Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 07-09-06 11:17
PM me and we can talk further over MSN if you wish.

wolfmankurd and i should be able to deal with anything you need help with.


Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-09-06 14:58
Im pretty good with SQL injecions, its something ive always liked doing. If you need another person, PM me.


Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 09:10
Thanks for the replys guys ... will contact you soon about more info. Just finishing up some more coding first.


Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 17:33
I know c/c++,but doubt I could help you any with the programming(since it looks like you have it covered)but I would be very interested in helping beta test it.


Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-09-06 21:16
a-hack wrote:
I know c/c++,but doubt I could help you any with the programming(since it looks like you have it covered)but I would be very interested in helping beta test it.


That'd be great. I'm gonna be looking to have a few people BETA test it for me as it progresses.




Edited by on 08-09-06 21:16
Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!

nanoymaster
Member



Posts: 119
Location: ก็็็็็็&
Joined: 20.08.05
Rank:
Wiseman
Warn Level: 30
Posted on 08-09-06 21:37
I'd be more than happy to beta test for you, just giv us a pm


ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิิิิิิิิิิ ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิ
Ask me... ก็็็็็็็็็็็็็&# http://www.nanoy.org
Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!

BluePain
Member

Your avatar

Posts: 87
Location: 127.0.0.1
Joined: 28.08.06
Rank:
Newbie
Posted on 13-09-06 07:52
If you need any more beta testers would I be more then hapy to help.
I am not so good at coding but I can some VB.net, c++, html, php, javascript.
Author

RE: >> Looking for SQL Inj Hacking Guru << Please Look!


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-09-06 09:14
Just a small update for those wondering about this project. I haven't contacted anyone yet about the SQL Inj, help. I've decided to finish everything else in the program before working on that part. Right now I'm working on the scan engine basically, finding the best methods of combining multithreading along with multiple bots/per thread. ... It has actually grown quite complex, and making my head hurt. lol Right now I'm coding the proxy tester with it, then will be able to apply pretty much the same class to the attack engine.

Quick Update:
This will be most-likely be released as freeware, however if you'd like the source code, all I'll prob be asking is for a tiny* donation due to the amount of hours spent planning, designing, researching, and coding. I think thats pretty reasonable to ask from a broke college kid who lives off Ego's and beer. Grin All contibuters will have their names/aliases on the software if desired.
*tiny = $2-5 probably ... depending on how in depth it gets.

I'll prob be looking for about 2-3 BETA testers, other than the exploit team.




Edited by on 14-09-06 09:15