slashfear's - sql injection live demo!!

Hi Guys,

NOTE: THIS IS FOR EDUCATIONAL PURPOSES ONLY. I WILL NOT TAKE ANY CLAIM FOR YOUR ACTIONS!!

Last time when I posted about SQL injection it was theoretical (and boring... 😔). So this time you will see it practically in the video below, enjoy!! By the way, I was done with my project work and was really bored, so I thought of doing a website and injecting it. Here are some technical details:

WEBSITE SCRIPTING LANGUAGE : PERL CGI
BACK-END DATABASE : MYSQL

This attack can be performed on any website which is prone to SQL injection attack!! It can be any web technology as well as database. This is MySQL so I will be using # to comment, and in ORACLE or MSSQL or SYBASE etc... we have to use --

NOTE: This video shows you the power of SQL injection and what all can be done using it!! So if you're a web developer, please consider preventing the SQL injection attack!!


[video=vimeo;19800899]https://www.vimeo.com/19800899[/video]

Hope you enjoyed it!! If you have any doubts feel free to ask 😉


-Arvind

Replies

  • Kaustubh Katdare
    Hats off 😀 Great job! 😀
  • Ankita Katdare
    The live demo is superb. Nicely explained slashfear.
    Thanks for sharing with us.
  • slashfear
    Thanks Biggie and abrakadabra 😉
  • silverscorpion
    Nice demo..

    When you give " x' or 1=1 # " in the username, how does it login to the user Mike? Can you explain what's going on inside?

    Also, I think PHP doesn't support execution of more than one SQL statement in a single line.. so, when you use union, isn't it equal to running two queries?
    How is it allowed? (I hope PHP is behind this website and not some other language..)

    Thanks!! 😀
  • slashfear
    silverscorpion wrote:
    > Nice demo..
    >
    > When you give " x' or 1=1 # " in the username, how does it login to the user Mike? Can you explain what's going on inside?
    >
    > Also, I think PHP doesn't support execution of more than one SQL statement in a single line.. so, when you use union, isn't it equal to running two queries?
    > How is it allowed? (I hope PHP is behind this website and not some other language..)
    >
    > Thanks!! 😀

    When you give 'x or 1=1 # ' it will take you to the first user in the table, so in my table the first user is mike!! So it takes me to his account. According to the login validation, if the user input returns true it will take you to the home page. Since the condition x or 1=1 returns true in the first place, it takes me in as the first user named mike.

    And now for the second question...... In PHP we can execute 2 SQL queries, or else how can we join two tables or use correlated subqueries in order to accomplish the desired output from two tables?

    NOTE: In PHP, by default it adds an escape sequence if there is a ' in the user query. In order to inject in PHP pages we can use hexadecimal conversion, that is, the hex value of '


    -Arvind
  • Manish Goyal
    Hey, do you use BackTrack in your system?
  • slashfear
    Hi Goyal,

    Nope, I use Fedora but I do use the BackTrack live disk often ....... to do some experiments 😀 I am planning to change my OS to BackTrack. I love it, it's so kool 😉


    -Arvind
  • Manish Goyal
    slashfear wrote:
    > Hi Goyal,
    >
    > Nope, I use Fedora but I do use the BackTrack live disk often ....... to do some experiments 😀 I am planning to change my OS to BackTrack. I love it, it's so kool 😉
    >
    > -Arvind

    I know

    I hope your experiments are for good purposes 😉
  • slashfear
    Yeap!!! Of course it is for good purpose buddy!! 😉

    NOTE: GMAIL PHISHING LIVE DEMO COMING UP.........


    -Arvind
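
An added example (not code from the original post or the video) of why the `x' or 1=1` input discussed above logs in as the first user in the table, next to the parameterized query that stops it. It assumes a hypothetical `users` table with constructed rows, and uses Python's in-memory SQLite in place of the Perl CGI/MySQL site, so the comment marker is `--` rather than `#`.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the site's database (constructed rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    # Plaintext passwords only keep the demo short; real tables store password hashes.
    db.executemany("INSERT INTO users (username, password) VALUES (?, ?)",
                   [("mike", "m1ke-pw"), ("anna", "ann4-pw")])
    return db

def build_vulnerable_sql(username, password):
    # Deliberately unsafe: user input is pasted into the SQL text.
    return ("SELECT username FROM users "
            "WHERE username = '%s' AND password = '%s'" % (username, password))

def login_vulnerable(db, username, password):
    # "Any row came back" is treated as a valid login, as in the thread.
    row = db.execute(build_vulnerable_sql(username, password)).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    # Placeholders send the input as data; it is never parsed as SQL.
    row = db.execute("SELECT username FROM users WHERE username = ? AND password = ?",
                     (username, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    injected = "x' or 1=1 --"   # the thread's input, with SQLite's comment marker
    # The quote closes the string, "or 1=1" matches every row, and the comment
    # marker discards the password check, so the first row (mike) is returned.
    print(build_vulnerable_sql(injected, "anything"))
    print("vulnerable   :", login_vulnerable(db, injected, "anything"))
    print("parameterized:", login_parameterized(db, injected, "anything"))
```

With the parameterized query the whole input is compared against the `username` column as a literal string, so no row matches and the login is refused.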
