Every good hacker should learn a programming language. A hacker should not be a script kiddie. We should remember that tools don't make the hacker; the hacker makes the tools. So, to make hacking tools, a hacker needs to learn a programming language. Below is the list of attacks to be explained.
Let's start.
1. SQL injection: SQL is a database query language. Most web sites use an SQL database, but many developers and administrators do not know much about security and secure coding. A hacker first views the source code of the target web site to find vulnerabilities. If we do not know SQL then we are unable to find them, so we should learn the basics of SQL. Vulnerable SQL source code example:
After finding this vulnerable source code, if we use:
or
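That changes the query into SELECT * FROM users WHERE username='' OR 1=1 /* AND password='f41d8cd98f00b204e98009h8ecf842ge'; and SELECT * FROM users WHERE username='' OR 1=1 -- - AND password='f41d8cd98f00b204e98009h8ecf842ge';
So? In both forms OR 1=1 is true for every row and the comment marker cuts off the password check, so the query matches a row without a valid password.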
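The login query above, as an added example that is not code from the original post: a Python/sqlite3 comparison of a query built by string concatenation with the same query using bound parameters. The table layout, function names and sample account are assumptions made for the example.

```python
import hashlib
import sqlite3

def md5_hex(password):
    # MD5 only mirrors the hash visible in the page's query; real code should
    # use a password-hashing function such as bcrypt or Argon2.
    return hashlib.md5(password.encode()).hexdigest()

def make_db():
    # Constructed sample data: one account in an in-memory database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)",
               ("admin", md5_hex("s3cret-sample")))
    return db

def login_concat(db, username, password):
    # Vulnerable form: user input becomes part of the SQL text itself.
    query = ("SELECT * FROM users WHERE username='" + username +
             "' AND password='" + md5_hex(password) + "'")
    return db.execute(query).fetchone() is not None

def login_bound(db, username, password):
    # Hardened form: the SQL text is fixed; input is bound as data only.
    query = "SELECT * FROM users WHERE username=? AND password=?"
    row = db.execute(query, (username, md5_hex(password))).fetchone()
    return row is not None

if __name__ == "__main__":
    db = make_db()
    tautology = "' OR 1=1 -- -"  # username that yields the page's rewritten query
    for fn in (login_concat, login_bound):
        print(fn.__name__,
              "| valid login:", fn(db, "admin", "s3cret-sample"),
              "| wrong password:", fn(db, "admin", "wrong"),
              "| tautology username:", fn(db, tautology, ""))
```

With the bound form the quote and comment characters are compared as a literal username, so the login fails and no SQL error is raised.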
The hard part comes with the article/news/etc. injections. They can be quite a bit more complex and require a general understanding of how the SQL server works. Let's say we have this script:
And the URL is: http://www.site.com/index.php?test=1
Now we want to check whether the site is vulnerable, so we put in this:
or
If the target site gives any SQL error then it's exploitable.
This verifies that it's vulnerable because it will select the first article in the database and display it. Now we need to find out how many columns there are so we set the id value to this:
If this doesn't error out, then it's telling us that the table has >=1 columns in it. If that works, that means that we can exploit it! So continue incrementing the number one by one until you error out. Let's say when we input this, it returns an error:
It means that we have 3 columns in the table. Now to set up the union query.
Now we need a UNION query. Example of usage:
Once we input that, you notice that a 2 appears on the screen. That means that content is the second column in the table. Since it's being output, we can easily get whatever information we need. I personally go to information_schema.tables and get all of the tables and just select what sounds interesting; however, you don't always have permission to access information_schema.tables, so I'll just assume that you can guess the table names. If there's a login I normally guess users the first time - it will usually work. So, here's what our input will look like if we want to grab the username and password of the account with the username admin.
and then we get the pass:
Now we just need to crack the hash to get the plain password.
These are the very basics of SQL injection.