Follow us on Twitter!
Don't judge the unknown - Grindordie
Sunday, April 20, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 20
Guests Online: 19
Members Online: 1

Registered Members: 82843
Newest Member: hx47
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

General questions regarding login scripts.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-12-09 23:00
Basically, I'm making my own Realistic challenge of sorts to familiarize myself with the different methods of SQL and javascript injection The problem is, my canvas of sorts isn't responding in any way shape or form and I don't know if it's because it's invulnerable or if I'm just using the wrong methods, is there anyone I can PM to point me in the right direction as to what method to attempt?
Author

RE: General questions regarding login scripts.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-12-09 16:39
post your code, then we can help you better here's a simple example of injectionable profile page.
Code
<?PHP

$id=$_GET['id'];
if($id){
        $link=mysql_connect('host','username','password') or die("Could not connect to server");
        mysql_select_db('test',$link) or die("Could not select database.");

        $query="SELECT username, email FROM `users` WHERE `id`=".$id.";";
        $result=mysql_query($query);
        $row=mysql_assoc_fetch($result);
        mysql_close($link);
?>
<html>
<head>
<title>SQL Injection test page</title>
</head>
<body>
<table>
<tr><td>Username:</td><td><?PHP echo $row['username'] ?></td></tr>
<tr><td>Email:</td><td><?PHP echo $row['email'] ?></td></tr>
</table>
</body>
</html>
<?PHP
}else{
        echo "No user selected.";
}
?>




Code

mysql> select column_name from columns where table_name='users';
+-------------+
| column_name |
+-------------+
| id          |
| uname       |
| pword       |
| id          |
| username    |
| email       |
| password    |
+-------------+
7 rows in set (0.00 sec)





sure you can work out what the columns are made up of.

this uses mysql_assoc_fetch, a while loop would be more realistic (typical lazy coder reusing code) and would make this much funner to exploit.





Edited by on 17-12-09 18:30
Author

RE: General questions regarding login scripts.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-12-09 20:00
Not my code, it's a website I frequent. I've tried everything I can think of, there are no error messages, the website filters simple true/false checks, I ran out of ideas =/
Author

RE: General questions regarding login scripts.

Futility
Member



Posts: 725
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 17-12-09 20:08
Ardennes wrote:
Basically, I'm making my own Realistic challenge of sorts to familiarize myself with the different methods of SQL and javascript injection

...

Not my code, it's a website I frequent.

Wait... what? So you're making a challenge using code from a website you frequent that you don't have access to which you're trying to get access to by using techniques that you've put into it by not having access to it? Am I crazy, or does someone need to do a little rewording to get his point across?


i252.photobucket.com/albums/hh11/zanimabean/Zim.png
Futility91@hotmail.com Futility91
Author

RE: General questions regarding login scripts.

mido
Member

Your avatar

Posts: 613
Location: Cairo, Egypt
Joined: 27.01.07
Rank:
Monster
Posted on 17-12-09 20:40
Futility wrote:
Ardennes wrote:
Basically, I'm making my own Realistic challenge of sorts to familiarize myself with the different methods of SQL and javascript injection

...

Not my code, it's a website I frequent.

Wait... what? So you're making a challenge using code from a website you frequent that you don't have access to which you're trying to get access to by using techniques that you've put into it by not having access to it? Am I crazy, or does someone need to do a little rewording to get his point across?


I think he wants to know what to do with a login page on a site he intends to hack.


www.hellboundhackers.org/sig/r/16019.png

mido_eg3[at]hotmail.com
Author

RE: General questions regarding login scripts.

Futility
Member



Posts: 725
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 17-12-09 20:51
Then why mention the "Realistic challenge of sorts"? Unless he was trying to trick us by pretending to do something honest so that we could unknowingly fuel his misdeeds.

This is what I was afraid of and merely suggested he rephrase the question in a way that didn't imply a negative prerogative.

Unless I'm misreading something, of course. I tend to be quite stupid on occasion.


i252.photobucket.com/albums/hh11/zanimabean/Zim.png


Edited by Futility on 17-12-09 20:52
Futility91@hotmail.com Futility91
Author

RE: General questions regarding login scripts.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-12-09 21:04
I wanted a "realistic challenge" where I couldn't go read a bunch of articles written specifically for it to hold my hand, but I've hit a dead end in regards of even what to try. There isn't really much else I can say to convince you that there isn't a "LOLZ HOW I HACK TO DESTROY STUFF" request, but I assure you it's not.
Author

RE: General questions regarding login scripts.


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 17-12-09 21:12
read a white paper on sql injection?
then apply that to the page coded above.

this seems okay

If you already know how to use SQL with php, you just need to see what tricks can be used just look at a cheat sheet.

If you've ever used sql then it'll be clear how they work. SQL injection isn't black magic, if you know what you're doing then it's really simple.




Edited by on 17-12-09 21:13