Follow us on Twitter!
Society leans ever heavily on computers, if you have the power to take out computers you can take out society. - cubeman372
Friday, April 25, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 24
Guests Online: 24
Members Online: 0

Registered Members: 82908
Newest Member: krishna7799
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Multi-User pass

Neo_Chalchus
Member



Posts: 257
Location: /me laughs maniacally
Joined: 08.08.05
Rank:
Apprentice
Posted on 25-09-05 00:21
I have been working on finding vunuralabilitys to a site (of my friends I do have prermission) and I am supposed to hack into his site (the members only section) with out knowing anything about the inside workings. So I don't know if it uses mysql or any sql,I assume it does because there are going to be alot of people on this site (at least he plans to.)

Any way, my basic questions are
1. Is there a way to find out if there is a mysql thing.
2. If it does have mysql, will sql injection work?
3. If I work through a proxy (online probobly a CGIProxy) will he be able to . find my ip?
4. Does anyone know anywhere with a challenge like this that I can practice on? perferably one with an active forum.

Thanks a ton guys
NC


(-o-) little lost tie fighter (-o-


eviltonmoy.googlepages.com/neo_chalchus.png
Thank you EvilTonmoy for the AWESOME SIG!!!
http://hackref.net
Author

RE: Multi-User pass

Mr_Cheese




Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank:
Uber Elite
Posted on 25-09-05 00:30
1. Try SQL injections to get a error (might not work due to magic quotes)
2. If magic quotes are enabled, you cant SQL inject
3. no he wont
4. setup your own forum and practice


http://www.hellboundhackers.org/
Author

RE: Multi-User pass


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 25-09-05 23:29
3.) Yeah, he could, depending on what CGI-Proxy site you use. Unless you make your own, the people who own the site basically have to keep logs on people who visited because of people who might hack through such a thing. So, if the site owner just gives away the information to your friend because he said something as to the sort of that originating i.p. was from the person who hacked his site.


*Feel free to correct me on this one because i think i might have something wrong in that statement..




Edited by on 25-09-05 23:32