| Author | >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
As the title suggests, I'm looking for someone who's knowledge is extensive in SQL Injection. This is not a request to find someone to hack some site for me....
I'm developing a software that deals in this area. 70-80% of it I'd say is done, I've waited till I coded a large percent of it until I posted here.
Program Info:
Coded in 100% managed C#.Net
As of now it is being compiled on .NET 2.0 Framework, but with the intention of being backward compatible to 1.0/1.1. I will compile for those frameworks, upon completion.
Requirements:
I'm looking for someone who truly understands SQL weaknesses and how to exploit them. Don't think you're a guru, just because your title says so on HBH. lol. I have some knowledge and have been doing research, but I need an expert, to help write exploits and such.
Knowledge needed:
Basic SQL Inj.
Blind Injection.
Redirection/Reshape query attacks.
UNION SELECT exploits.
It would also be helpful if you knew some kind of programming, does not need to be c#, I know many languages. If you know any of: php, vb, c++, java, or any .NET would be great. I know little perl, but its not hard to understand, so if thats your main language, I'm sure its workable...
But for the main part, I need you to handle researching and writing sql exploits, how to detect if sites are vulnerable (ie. do you receive any errors upon injection, are we redirected, etc etc).
I have already programmed several arrays filled with database table names, composed of the most common names, all names found on forums, members areas, users, form data variables. This will all be at your fingertips to work with. I will explain more in private.
I haven't decided if this will be freeware/open source or shareware yet, but if any money $ is made, we will work out an agreement on paper about your percentage.
I'm very easy to work with ... very dedicated. Very relaxed, so if you think you'd like to work on a project like this, just send me a message or post a reply.
Screenshots: (So you know this isn't BS) lol
|
 |
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
PM me or contact me on MSN/AIM
|
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Sorry double post
Edited by on 07-09-06 11:09 |
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Mr_Cheese
Member
Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank: Uber Elite | |
PM me and we can talk further over MSN if you wish.
wolfmankurd and i should be able to deal with anything you need help with.
|
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Im pretty good with SQL injecions, its something ive always liked doing. If you need another person, PM me.
|
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Thanks for the replys guys ... will contact you soon about more info. Just finishing up some more coding first.
|
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
I know c/c++,but doubt I could help you any with the programming(since it looks like you have it covered)but I would be very interested in helping beta test it.
|
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
a-hack wrote:
I know c/c++,but doubt I could help you any with the programming(since it looks like you have it covered)but I would be very interested in helping beta test it.
That'd be great. I'm gonna be looking to have a few people BETA test it for me as it progresses.
Edited by on 08-09-06 21:16 |
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
nanoymaster
Member
Posts: 119
Location: ก็็็็็็&
Joined: 20.08.05
Rank: Wiseman
Warn Level: 30
| |
I'd be more than happy to beta test for you, just giv us a pm
ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิิิิิิิิิิ ก็็็็็็็็็็็็็็็็็็็็ กิิิิิิิิิ |
   |
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
BluePain
Member
Posts: 87
Location: 127.0.0.1
Joined: 28.08.06
Rank: Newbie | |
If you need any more beta testers would I be more then hapy to help.
I am not so good at coding but I can some VB.net, c++, html, php, javascript. |
|
|
| Author | RE: >> Looking for SQL Inj Hacking Guru << Please Look! |
Member
Posts:
Location:
Joined: 01.01.70
Rank: Guest | |
Just a small update for those wondering about this project. I haven't contacted anyone yet about the SQL Inj, help. I've decided to finish everything else in the program before working on that part. Right now I'm working on the scan engine basically, finding the best methods of combining multithreading along with multiple bots/per thread. ... It has actually grown quite complex, and making my head hurt. lol Right now I'm coding the proxy tester with it, then will be able to apply pretty much the same class to the attack engine.
Quick Update:
This will be most-likely be released as freeware, however if you'd like the source code, all I'll prob be asking is for a tiny* donation due to the amount of hours spent planning, designing, researching, and coding. I think thats pretty reasonable to ask from a broke college kid who lives off Ego's and beer.  All contibuters will have their names/aliases on the software if desired.
*tiny = $2-5 probably ... depending on how in depth it gets.
I'll prob be looking for about 2-3 BETA testers, other than the exploit team.
Edited by on 14-09-06 09:15 |
|
|
