Follow us on Twitter!
The important thing is not to stop questioning. - Albert Einstein
Monday, April 21, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 26
Guests Online: 23
Members Online: 3

Registered Members: 82855
Newest Member: icepeter
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Page 1 of 2 1 2 >
Author

MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 03-01-09 00:55
Hey everyone. Here i have been trying to do a mysql injection and have been successful half way. Im a newbee in hacking so need some help here :P.

ok what i have tried is
Code

http://***.******.***/v2/news.php?news=0 UNION ALL SELECT 0,news_id,details,0,0,0 from news/*





works and looks lovely. but wat is not working and i cant make it work is
Code

http://***.******.***/v2/news.php?news=2997; UPDATE news SET details='essential security'/*





tried many things but still kant get it work. i know the basic of php and mysql but still cant make it work though.. :(
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-01-09 01:06
You're mixing MySQL injections with MS-SQL injections. Look more into some whitepapers on MySQL injections. Or later today I'll upload my old visual guides for anyone else also interested.




Edited by on 03-01-09 01:09
Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 03-01-09 04:29
Shock never thought so i would be doing something so dumb.. btw all i know is MySql so i never thought i will be using MsSql.. thanks for the quick reply. cant wait to see the article



THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-01-09 06:03
Sorry for the time it took to post here, had to do something.
http://rapidshare. . .l.swf.html
If anyone downloads it, please reply. Gay rapidshare only allows me to let 10 people download it and I want to make sure DC has a copy. If it's down, I'll host it somewhere else (suggestions welcome).

You're not making a dumb mistake, don't worry. Issue an @@version if you have any kind of output from your injection. Then you can make sure what kind of SQL db you are attacking. However, you have tried to end the sql query and then create your own. This kind of injection is only possible in MS-SQL. That is what you are mixing up.


Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 03-01-09 07:55
The version of MySql is 4.1.7. Dont know the reason but i have to use unhex(hex(@@version)) to get the version ?



THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 03-01-09 08:27
it seems that i cant run a 2nd query with mysql_query of php.. so i got the user and password.. user is admin and password is
534a94c87b96391f0ae349e9b2e19d14
i have tried the online crackers but no luck so trying many methods now. how is it possible to find the login page ? i have tried many guesses but no luck Sad


THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 03-01-09 18:02
You could try blindly guessing, that shouldn't be too hard. Or you could try using a program like Intellitamper to just list all the files and directories on the site. Yeah, try Intellitamper out and you should be good.


Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 03-01-09 19:42
Thanks Bro.. im progressing further more. they have a HTTP Authentication setup.. now im trying to crack the password with rainbow crack...

Thanks you guys thanks alot:happy:


THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 04-01-09 05:52
Sad i cant get the password cracked ... anyone can tell me how this can be done ?


THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-01-09 05:56
lol you could try the rainbow table method or you could try a hash cracking program. Maybe you can get Cain to do it.


Author

RE: MySql injection

hellboundhackersok
Member



Posts: 353
Location:
Joined: 20.09.07
Rank:
Moderate
Warn Level: 95
Posted on 04-01-09 05:56
Brute force it. JTR or Cain will do.


i.imgur.com/qBWHo0R.png
Author

RE: MySql injection

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 04-01-09 05:59
Rainbow tables. Get a portable HDD, fill her up with those tables and get cracking.

Don't bother creating charlengths 1 to 5. 6-12 is what you're probably after.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s
http://bitsofspy.net
Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 04-01-09 10:50
using cain at the moment and it says 15 years... something like that :wow:

using rainbowcrack also... having a little problem here..
i don't fully understand the rtgen wat should i actualy try ? is the following command ok ?
Code

rtgen md5 alpha-numeric-symbol14-space 6 16 0 2400 97505489 all




i can understand
6 is the minimum characters
16 is the maximum.
0 - no idea
2400 - no idea
97505489 - no idea
all - no idea

and why dont people upload this stuff ?


THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-01-09 13:38
DCs wrote:
and why dont people upload this stuff ?

... They do. Guess you just haven't gone looking for it yet. If I wanted to download rainbow tables containing md5 hashes, I'd probably go look at a search engine.


Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-01-09 18:05
Zephyr's right, you're going to have to search for one. Actually, now that I think about it, hak5.org has community rainbow tables. I've never used them but I used to hear about them on that site a lot, maybe you should go check it out.


Author

RE: MySql injection

spyware
Member



Posts: 4192
Location: The Netherlands
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 04-01-09 18:44
The problem with good rainbow tables is that they're BIG. Huge. The best way of getting them is either generating yourself, or buy sets of DVDs/portable HDD.

There are a few rainbow sellers out there. Not sure about the price.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
“Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?” - Ebert
[/s
http://bitsofspy.net
Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 04-01-09 19:11
sorry for talking dumb before googling stuff.
i want to generate and store it in dvds.. but i dont know what is the best command i have to use to generate them. i think i can generate them very fast as i have full access to abt 100 pc's of which 20% i can use non stop and 10 servers which i can use to generate them Grin

BTW thanks everyone.. never got so much help in trying to hack in to something.. U guys are the best !


THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 04-01-09 20:58
DCs wrote:
sorry for talking dumb before googling stuff.
i want to generate and store it in dvds.. but i dont know what is the best command i have to use to generate them. i think i can generate them very fast as i have full access to abt 100 pc's of which 20% i can use non stop and 10 servers which i can use to generate them Grin

BTW thanks everyone.. never got so much help in trying to hack in to something.. U guys are the best !


First, Cain & Able is pretty slow and I would consider looking into different programs.
Second, if you have a fast download rate without a bandwidth cap I would just start downloading certain charsets with your computers and then using those. This being that others who have maximized the potential of certain GPU's are going to be able to offer incredible rainbow tables to you.
Although, if you wanted to maximize the potential of your computers, learn how to use a cluster to generate your rainbow tables. It might be a bit hard, but it would be the best in the end. Especially if you have Nvidia graphics card and you are able to maximize the power of those GPU's.


Author

RE: MySql injection

DCs
Member

Your avatar

Posts: 13
Location: maldives
Joined: 13.10.05
Rank:
Guest
Posted on 07-01-09 09:14
so it means by encrypting something they are adding a strong security feature right Grin..

I was wondering if there is a way i could find a table in 4.1.7 ? i tried mysqlbf.exe and seems it cant do the trick Sad i have been guessing a table in a second website and couldn't get it through.

Also is there a way i could find all directories in a website ?

just asking if life is easy Pfft


THIS IS WAT FUSION BECOMES TRUTH
Author

RE: MySql injection


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-01-09 12:32
DCs wrote:
so it means by encrypting something they are adding a strong security feature right Grin..

Encrypting data obscures it. It's only a "strong security feature" if it's AES or higher, since everything below that has been pretty well demolished by now.

DCs wrote:
I was wondering if there is a way i could find a table in 4.1.7 ? i tried mysqlbf.exe and seems it cant do the trick Sad i have been guessing a table in a second website and couldn't get it through.

http://www.hellboundhackers.org/forum/xss_help-15-14237_0.html
Scroll down some. Read.

DCs wrote:
Also is there a way i could find all directories in a website ?

Skunkfoot wrote:
Or you could try using a program like Intellitamper to just list all the files and directories on the site.


DCs wrote:
just asking if life is easy Pfft

No, it's not. It's educational, though.


Page 1 of 2 1 2 >