:::SQL INJECTION ATTACKS:::

Discussion in 'DELETED POSTS' started by swaggaderb, Oct 16, 2010.

Users Viewing Thread (Users: 0, Guests: 0)

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0
    Greetings guys, welcome !!!

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0
    Hello there, the aim of this thread is 2 make us have a way of injecting malwares in PAID hosting sites so as to gain FTP passes, for breaking
    into their Cpanel in order to upload our 2.99KB php shell script, and have a paid server all 2 ourselves!

    dizzle Member

    Member Since:
    Sep 30, 2010
    Message Count:
    145
    Likes Received:
    0
    am all eyes
    • GL Senior Member
    • GL Legend
    • Guru Member

    POSSIBLE GL Senior Member

    Member Since:
    Sep 30, 2010
    Message Count:
    4,909
    Likes Received:
    3
    @swagger. O ya release d scope. We dey here. Time dey Run

    joeadeoye Member

    Member Since:
    Oct 6, 2010
    Message Count:
    70
    Likes Received:
    1
    If i dont get you wrong, what u r tryin to do is to is inject your own authentication into their paid server mysql db so that u can have a paid account uhh

    hmmm

    joeadeoye Member

    Member Since:
    Oct 6, 2010
    Message Count:
    70
    Likes Received:
    1
    Well, thats a good idea.

    Think guyz

    take a look at this, if we build a php reg form just like theirs' and link it wit their sql paid db. But in this case, their db user/pass will be required

    joeadeoye Member

    Member Since:
    Oct 6, 2010
    Message Count:
    70
    Likes Received:
    1
    What about this, if we find a paid server that receives payment using online form either with asp, php, htm or html. The data that will be sent by the form can be manipulated using a plugin. In this way, we can simply pay fake money for the server and get us registered.

    joeadeoye Member

    Member Since:
    Oct 6, 2010
    Message Count:
    70
    Likes Received:
    1
    Think guyz bring ideas

    PERMUTATIONS Member

    Member Since:
    Oct 6, 2010
    Message Count:
    21
    Likes Received:
    0
    YOU DONT NEED ANY USERNAME TO ACCESS THERE CPANELS
    JUST A COMMAND LIKE TALKING TO THE DB AND THE CP WILL OPEN AND U CAN INJECT
    IT WITH THE SQLI

    luknice Member

    Member Since:
    Oct 1, 2010
    Message Count:
    44
    Likes Received:
    0
    ABEG MAKE WE START THE TUTORIAL

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0
    Lets start, but first, i think we need 2 know what a Database means .....

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0
    WHAT IS DATABASE?
    Just general info.. Database is the application that stores a collection of data. Database offers various APIs for creating, accessing and managing the data it holds. And database(DB) servers can be integrated with our web development so that we can pick up the things we want from the database without much difficulties. DB may hold various critical informations like usernames, passwords, credit cards, e.t.c. So, DB need to be secured but many DB servers running are insecured either bcoz of their vulnerability or bcoz of poor programming handles. To name few DB servers, MySQL(Open source), MSSQL, MS-ACCESS, Oracle, Postgre SQL(open source), SQLite, e.t.c.

    swaggaderb Member

    Member Since:
    Oct 8, 2010
    Message Count:
    128
    Likes Received:
    0
    WHAT IS SQL INJECTION?
    SQL injection is probably the most abundant programming flaw that exists on the internet at present. It is the vulnerability through which unauthorized person can access the various critical and private dat. SQL injection is not a flaw in the web or db server but but is a result of the poor and inexperienced programming practices. And it is one of the deadliest as well as easiest attack to execute from remote location.
    In SQL injection, we interact with DB server with the various commands and get various data from it.Well, we would be discussing just 2 aspects of SQL injection here: namely bypassing logins, and modifying the page contents. So lets head forward on our real walkthrough!!!
    • Guru Member

    PROFICEMUGâ„¢ Guru Member

    Member Since:
    Oct 1, 2010
    Message Count:
    492
    Likes Received:
    1
    i like your idea, but u must hav their cpanel username and password.
    But go on i wuld like to know what other ideas you got.
    • Guru Member

    PROFICEMUGâ„¢ Guru Member

    Member Since:
    Oct 1, 2010
    Message Count:
    492
    Likes Received:
    1
    is that possible?

    prof.vince Member

    Member Since:
    Oct 3, 2010
    Message Count:
    23
    Likes Received:
    0
    SQL injection is non longer an effective hack procedure as many web developer are already aware of and have take security measures.

    'OR1=1' is no longer effective.

    There is an advanced SQL injection which require startup through google search.

    The search is to identify websites that are vulnerable to SQL injection. The problem is that u wont find your target among vulnerable. So it SUCKS

    so if u want to really hack a website, then u have to Search for the hosts IP. It can be hectic when there is a large number of websites hosted on that IP........

    PERMUTATIONS Member

    Member Since:
    Oct 6, 2010
    Message Count:
    21
    Likes Received:
    0
    @prof, That is not really true, i can give you some site that i sqli like 3dayz
    ago with that method it worked perfectly just that some of them dont have fpt directory
    to upload php shells.

    Yu can even enter the database by using the colomn and table format

    bobjecy Member

    Member Since:
    Oct 14, 2010
    Message Count:
    25
    Likes Received:
    0
    oya paste them jawe
    • GL Senior Member
    • GL Legend
    • Guru Member

    POSSIBLE GL Senior Member

    Member Since:
    Sep 30, 2010
    Message Count:
    4,909
    Likes Received:
    3
    GUYS. Whats rocking here?. Make una balance una Equation.
    • GL Legend
    • Guru Member
    • Retired Moderator

    Al3ksA Retired Moderator

    Member Since:
    Sep 30, 2010
    Message Count:
    2,093
    Likes Received:
    12
    hmmmm...True talk. But they were not elaborate enough.
    • GL Legend
    • Guru Member

    Byko4all GL Legend

    Member Since:
    Sep 30, 2010
    Message Count:
    1,205
    Likes Received:
    47

    olarzz Member

    Member Since:
    Oct 3, 2010
    Message Count:
    41
    Likes Received:
    0
    Same unbeneficiary knowledge

    Paparaxy Upcoming Guru

    Member Since:
    Sep 30, 2010
    Message Count:
    123
    Likes Received:
    10
    CLICK HERE TO SEND FREE CUSTOMIZABLE SMS WITHOUT ADVERTISEMENT.EACH REGISTERED USER IS ENTITLED TO 400 FREE SMS AND EXTRA 10 FREE SMS FOR EACH REFERRAL.
    • GL Legend
    • Guru Member
    • Retired Moderator

    Al3ksA Retired Moderator

    Member Since:
    Sep 30, 2010
    Message Count:
    2,093
    Likes Received:
    12
    HMMMM
    • GL Senior Member
    • GL Legend
    • Guru Member

    POSSIBLE GL Senior Member

    Member Since:
    Sep 30, 2010
    Message Count:
    4,909
    Likes Received:
    3
    Anything new here? No one is responding
    • GL Legend
    • Guru Member

    tobino GL Legend

    Member Since:
    Oct 9, 2010
    Message Count:
    1,820
    Likes Received:
    4
    Whats happening here??
    • Super Moderator
    • GL Legend
    • Forum Author
    • Guru Member

    Godvilla® Super Moderator

    Member Since:
    Oct 2, 2010
    Message Count:
    3,627
    Likes Received:
    37
    Current Phone:
    iphone 7 Running on Android 7.7
    As u relax and enjoy the christmas holiday while browsing, i'll want u to have more fun by joining this website. Good Luck!!! http://www.paybox.me/r/godvilla

    Madara Member

    Member Since:
    Oct 1, 2010
    Message Count:
    66
    Likes Received:
    0
    No tutorial again!!!!!!!!!!!!!


Share This Page