SQL Injection, please help me xD

Discussion about hacker.org's server
Post Reply
Liidian
Posts: 202
Joined: Fri Jun 05, 2009 10:49 pm
Location: Guess

SQL Injection, please help me xD

Post by Liidian »

I have never worked with SQL injection before and now i wonder.. how it works? where can isnert

script.php?id=-1 union all select 1,2,3,4,5,group_concat(admin_name,0x3a,admin_pass),7,8,9,10 from admin_users--

for example?
The whole "system" is a number of people creating a code all together, this code loops and is there for a "system".
System Zero could also be confirmed with one word "Hacker's"
Top
User avatar
koolpop0
Posts: 259
Joined: Thu Sep 20, 2007 11:03 pm
Location: In the binary of this system
Contact:
Contact koolpop0

Post by koolpop0 »

what i learned is

hi' OR 1=1--

unlikely it will work on most sites...

i didn't study this enough yet
Image
Top
plope0726
Posts: 826
Joined: Mon Dec 15, 2008 10:13 pm

Post by plope0726 »

koolpop0 wrote:what i learned is

hi' OR 1=1--

unlikely it will work on most sites...

i didn't study this enough yet
Most sites are protected from this sort of SQL injection. It's such and old vulnerability that it practically doesn't exist. That's not to say some sites aren't still vulnerable, but this basic SQL attack is almost obsolete. It takes a bit more thought than this now.
Top
Post Reply

Return to “The Hacker's Server”