Discussion in 'DELETED POSTS' started by swaggaderb, Oct 16, 2010.
:::SQL INJECTION ATTACKS:::
Greetings guys, welcome !!!
Hello there, the aim of this thread is 2 make us have a way of injecting malwares in PAID hosting sites so as to gain FTP passes, for breaking
into their Cpanel in order to upload our 2.99KB php shell script, and have a paid server all 2 ourselves!
am all eyes
@swagger. O ya release d scope. We dey here. Time dey Run
If i dont get you wrong, what u r tryin to do is to is inject your own authentication into their paid server mysql db so that u can have a paid account uhh
Well, thats a good idea.
take a look at this, if we build a php reg form just like theirs' and link it wit their sql paid db. But in this case, their db user/pass will be required
What about this, if we find a paid server that receives payment using online form either with asp, php, htm or html. The data that will be sent by the form can be manipulated using a plugin. In this way, we can simply pay fake money for the server and get us registered.
Think guyz bring ideas
YOU DONT NEED ANY USERNAME TO ACCESS THERE CPANELS
JUST A COMMAND LIKE TALKING TO THE DB AND THE CP WILL OPEN AND U CAN INJECT
IT WITH THE SQLI
ABEG MAKE WE START THE TUTORIAL
Here are some IWP servers :
Lets start, but first, i think we need 2 know what a Database means .....
WHAT IS DATABASE?
Just general info.. Database is the application that stores a collection of data. Database offers various APIs for creating, accessing and managing the data it holds. And database(DB) servers can be integrated with our web development so that we can pick up the things we want from the database without much difficulties. DB may hold various critical informations like usernames, passwords, credit cards, e.t.c. So, DB need to be secured but many DB servers running are insecured either bcoz of their vulnerability or bcoz of poor programming handles. To name few DB servers, MySQL(Open source), MSSQL, MS-ACCESS, Oracle, Postgre SQL(open source), SQLite, e.t.c.
WHAT IS SQL INJECTION?
SQL injection is probably the most abundant programming flaw that exists on the internet at present. It is the vulnerability through which unauthorized person can access the various critical and private dat. SQL injection is not a flaw in the web or db server but but is a result of the poor and inexperienced programming practices. And it is one of the deadliest as well as easiest attack to execute from remote location.
In SQL injection, we interact with DB server with the various commands and get various data from it.Well, we would be discussing just 2 aspects of SQL injection here: namely bypassing logins, and modifying the page contents. So lets head forward on our real walkthrough!!!
i like your idea, but u must hav their cpanel username and password.
But go on i wuld like to know what other ideas you got.
is that possible?
SQL injection is non longer an effective hack procedure as many web developer are already aware of and have take security measures.
'OR1=1' is no longer effective.
There is an advanced SQL injection which require startup through google search.
The search is to identify websites that are vulnerable to SQL injection. The problem is that u wont find your target among vulnerable. So it SUCKS
so if u want to really hack a website, then u have to Search for the hosts IP. It can be hectic when there is a large number of websites hosted on that IP........
@prof, That is not really true, i can give you some site that i sqli like 3dayz
ago with that method it worked perfectly just that some of them dont have fpt directory
to upload php shells.
Yu can even enter the database by using the colomn and table format
oya paste them jawe
GUYS. Whats rocking here?. Make una balance una Equation.
hmmmm...True talk. But they were not elaborate enough.
Same unbeneficiary knowledge
CLICK HERE TO SEND FREE CUSTOMIZABLE SMS WITHOUT ADVERTISEMENT.EACH REGISTERED USER IS ENTITLED TO 400 FREE SMS AND EXTRA 10 FREE SMS FOR EACH REFERRAL.
Anything new here? No one is responding
Whats happening here??
As u relax and enjoy the christmas holiday while browsing, i'll want u to have more fun by joining this website. Good Luck!!! http://www.paybox.me/r/godvilla
No tutorial again!!!!!!!!!!!!!