injection

  1. H

    TOYUDesign SQL Injection Vulnerability

    # Exploit Title: TOYUDesign SQL Injection Vulnerability # # Author: 3spi0n # Software Website: www.toyudesign.com # Tested On: BackTrack 5 - Win7 Ultimate # Platform: Php
  2. H

    Php-X-Links Script SQL Injection Vulnerabilitiy

    # Exploit Title: Php-X-Links Script SQL Injection Vulnerabilitiy # Google Dork: "Powered by Php-X-Links" # Date: 1/1/2012 # Author: H4ckCity Security Team # Discovered By: farbodmahini # Home: WwW.H4ckCity.Org # Version: All Version # Category:: webapps # Security Risk:: High # Tested on...
  3. P

    [New]Routed query based SQL- injection tutorial-by spirit[/noob friendly]

    Hello ProVendorz members So, today i am here to demonstrate a tutorial on Routed query based SQL- Injection Target Website:-www.impressionbridal.com/catalog.php?cat=22 So, lets try to inject it http://www.impressionbridal.com/catalog.php?cat=22' [Error] Lets try to balance our query...
  4. P

    [TUT] Headers SQL Injection,injection via Headers w/ Pics [header based]

    sup. this tut will focus on injection via headers. up to now,we knew 3 methods to inject. GET- via url. for example- http://evt-me.com/newsDetail.php?id=8 POST - via box. for example- http://www.health.gov.mv/ (in the search) COOKIE https://hackforums.net/showthread.php?tid=2103408 now we...
  5. P

    [TUT] MS-Access Injection [Noob Friendly,With Pics]

    sup. this tut will show you how to inject into access db. fisrt,thanks to ☆¸.•*☆ƶεяø ĉööl☆*•.¸☆ for the site. ok lets start we gonna inject on this site http://www.sdhc.k12.fl.us/Schools/School...?Site=0151 www.sdhc.k12.fl.us/Schools/School_Info.asp?Site=0151 how do we know its vuln?like...
  6. P

    [TUTORIAL] cookie sql injection,injecting via cookie [session based]

    sup. this tut will teach you how how to sql inject via cookie [also known as 'session based' or 'cookie parameter']. until now,we know about two methods: GET - via url http://site.com/*.php?id=1 union select .... for example http://www.evt-me.com/newsDetail.php?id=8 POST - via box like this one...
  7. M

    Credit Card Hacking tutorial by sql injection with query

    In this tutorial i will show you how to dump credit card information from a vulnerable website. Video link (You can also download it) : https://drive.google.com/file/d/0B_UjG9FhJsjoLU5NNkptcXYtSzg/view?usp=sharing
  8. S

    SQL Injection TUT

    SQL Injection Tutorial and Rundown: First you will need SQLmap. So you need Kali Linux, which has sqlmap with it. Now you will need to find a website vulnerable to SQL Injection. You can do this by going to google and typing php?id= in the search bar. All the Results on the Search will get...
  9. P

    No Priv8 tool SQL injection sites Dumper v.8.0

    Offer you today a wonderful program, and my personal experience and the latest version of the program Is a program: SQL Dumper v.8.0 Primitive remembrance of what distinguishes the program from the old version: 1. The speed and strength to bring sites 2. speed in the extraction of data tables...
  10. P

    [Detailed] Boolean Based Blind Injection [Tutorial]

    Introduction So a lot of people view bling injection as having to guess everything, when it's called blind injection because no data is visible on the page as an outcome. Remember, whenever you're injecting a site, as long as information_schema exists (version 5 or more), then you can use it...
  11. P

    Mysql Injection Tutorial 1

    Mysql has 2 types only as mentioned above.you need to know the following things about the DB you are attacking- # Number of columns # Table names # column names # Let's start with union Attack, the most common, every n00b should no it - Code: => http://test.com/index.php?id=1 order by 10-- ^...
  12. P

    Reading Log Files in Postgresql Sql Injection

    Hey everyone, So I guess it's time to learn something juicy about Postgresql. If you're injecting a Website based on a Postgresql database then you might wanna check your privileges because this will simply allow you to use lots of interesting Postgresql Functions in case you could: You can...
  13. D

    Reading Log Files in Postgresql Sql Injection

    Hey everyone, So I guess it's time to learn something juicy about Postgresql. If you're injecting a Website based on a Postgresql database then you might wanna check your privileges because this will simply allow you to use lots of interesting Postgresql Functions in case you could: You can...
  14. D

    Mysql Injection Tutorial 1

    Mysql has 2 types only as mentioned above.you need to know the following things about the DB you are attacking- # Number of columns # Table names # column names # Let's start with union Attack, the most common, every n00b should no it - Code: => http://test.com/index.php?id=1 order by 10-- ^...
  15. D

    MSSQL Injection Cheat Sheet

    Code: ** Some of the queries in the table below can only be run by an admin (SA Privilege). These are marked with "-- priv" at the end of the query. ** +---------------+---------------------------------------------------------------------------+ | Version | SELECT @@version...
  16. D

    [Detailed] Boolean Based Blind Injection [Tutorial]

    Introduction So a lot of people view bling injection as having to guess everything, when it's called blind injection because no data is visible on the page as an outcome. Remember, whenever you're injecting a site, as long as information_schema exists (version 5 or more), then you can use it...
  17. D

    Israel Sql Injection Dork

    Israel Sql Injection Dork Israel Dooms Day: intext:"error in your SQL syntax" +site:il intext:"mysql_num_rows()" +site:il intext:"mysql_fetch_array()" +site:il intext:"Error Occurred While Processing Request" +site:il intext:"Server Error in '/' Application" +site:il...
  18. D

    Tips for learning SQL Injection

    Well, i have seen ALOT of topic replies from people saying they do not understand tutorials or how SQL injection works or they can't find a website to test to see if they got it right. WELL I will address those two problems now. ______________________________________________ SQL...
  19. D

    Sql Injection VULNERABLE SITES

    Genhound source document description Left Coast Press : http://www.travellers-tales.co.uk/tr...rnal.php?id=42 http://www.arrowvalves.co.uk/content.php?id=8 REA Plasrack http://www.arrowvalves.co.uk/content.php?id=28 http://www.woodlandsschool.org/conte...id=1&text=...
Top