Can u teach me 'bout SQL INJECTION???

Discussion about hacker.org's server
Post Reply
User avatar
azer89
Posts: 13
Joined: Sun Jul 22, 2007 2:27 am
Location: Palestina

Can u teach me 'bout SQL INJECTION???

Post by azer89 »

i wrote this in a website which have vulnerability in SQL INJECT:

user ID : 'or''='
password: 'or''='

all of my friends can do it!!!
but i can't!!!!
what is my mistake???

someone can tell me? please.......
User avatar
Hacksign
Posts: 53
Joined: Mon Jul 16, 2007 9:14 am
Location: China
Contact:

Post by Hacksign »

no mistake

the web u were trying replace char(')

so u can not access by this mean
Dark Cyber
Posts: 3
Joined: Sun Feb 07, 2010 5:22 am

Post by Dark Cyber »

please give me example !!!!
thanks..
"Please Teach Me To Be White Hat Hacker"
onlinetrade34
Posts: 1
Joined: Sun Feb 07, 2010 6:02 pm

sell cvv very cheap

Post by onlinetrade34 »

hi everybody sry for spam
this info is very good for you (work)
i sell ccv very cheap

US: 2$ / cvv : (master , vista)

US: 3$ / cvv (discover, amex)


UK , CA , italy

Mail + pass , mailer, phpmailer ....

No scam, no rip, no test free ... and don't talk more :)
If u want :
Send money then i check new cvv and send you cvv good

Min payout : 5cvv thanks

if buy more ... > 50 cvv > 100 cvv then have price cheap cheap :X

If u buy over 50, I will sell for you good cheap, good price I only accept payment with LibertyReserve

contact me : onlinetrade34@yahoo.com

SRY spam
User avatar
PaRaDoX
Posts: 708
Joined: Fri Aug 22, 2008 5:52 am
Location: In your fridge, waiting to pop out and scare you.

Re: sell cvv very cheap

Post by PaRaDoX »

onlinetrade34 wrote:hi everybody sry for spam
this info is very good for you (work)
i sell ccv very cheap

US: 2$ / cvv : (master , vista)

US: 3$ / cvv (discover, amex)


UK , CA , italy

Mail + pass , mailer, phpmailer ....

No scam, no rip, no test free ... and don't talk more :)
If u want :
Send money then i check new cvv and send you cvv good

Min payout : 5cvv thanks

if buy more ... > 50 cvv > 100 cvv then have price cheap cheap :X

If u buy over 50, I will sell for you good cheap, good price I only accept payment with LibertyReserve

contact me : onlinetrade34@yahoo.com

SRY spam
If you're sorry, stop spamming and get a fucking job, asshat.
Image

~You are a glitch in my reasoning.
Dark Cyber
Posts: 3
Joined: Sun Feb 07, 2010 5:22 am

Post by Dark Cyber »

hey.. brother this topic not to sell CC or CVV
please dont spamming at here...

go out.. ...
"Please Teach Me To Be White Hat Hacker"
Liidian
Posts: 202
Joined: Fri Jun 05, 2009 10:49 pm
Location: Guess

Post by Liidian »

You don't want to learn SQL injection since it currently don't have much use.
The whole "system" is a number of people creating a code all together, this code loops and is there for a "system".
System Zero could also be confirmed with one word "Hacker's"
User avatar
CodeX
Posts: 350
Joined: Fri Oct 17, 2008 5:28 pm

Post by CodeX »

:? we've already been through this about SQL injection, to any passers by - if you use SQL in applications then it's nothing more to figure out SQL injection and even if you don't use SQL but are interested in website security then by all means go ahead and learn it. It might also be useful for me to point out that most things Liidian states are in fact the opposite of how things are in reality so you will actually lean more by remembering the inverse of what he comes up with.
:idea:
User avatar
anicoolrocks
Posts: 29
Joined: Tue Jul 01, 2008 5:03 am

Post by anicoolrocks »

its a primitive technique ....u wont be able to penetrate in websites using Apache,or SQL based databases....SQL Injection can only be successful on Microsoft's database 2005,...!!
User avatar
CodeX
Posts: 350
Joined: Fri Oct 17, 2008 5:28 pm

Post by CodeX »

How is that meant to be the case? As long as the database back-end runs on SQL requests and these requests are dynamic then the system is open to SQL injection. Thats a comment of Liidianithic proportions :?
plope0726
Posts: 826
Joined: Mon Dec 15, 2008 10:13 pm

Post by plope0726 »

Liidian wrote:You don't want to learn SQL injection since it currently don't have much use.
anicoolrocks wrote:its a primitive technique ....u wont be able to penetrate in websites using Apache,or SQL based databases....SQL Injection can only be successful on Microsoft's database 2005,...!!
Where do you idiots come up with this shit? Before you try to make a post that you think is fact, you might want to verify it. The majority of websites that are compromised are because of SQL injection. SQL injection is not a vulnerability in any particular database application. It's the lack of the developer validating user input. As codex already pointed out, if the database runs on SQL it can be attacked if appropriate input validation is not in place.


Have you guys considered learning about a subject before making assumptions. The only thing primitive here is you.
h4ndl34nd13
Posts: 2
Joined: Thu May 20, 2010 12:47 am

what the hell is with all of these cvv dudes?

Post by h4ndl34nd13 »

Seriously. Why would a hacker spam a room full of hackers? That seems paradoxical to me.
Sub question, what is it they're selling? what's a cvv?
Oh.
First post by the way. n008 for the w.i.n. :)
Isn't sql injection just trying to access the back end of a server by inserting random variables in the url address?
h4ndl34nd13
Posts: 2
Joined: Thu May 20, 2010 12:47 am

Re: sell cvv very cheap

Post by h4ndl34nd13 »

PaRaDoX wrote:
If you're sorry, stop spamming and get a fucking job, asshat.
win. you should be my new digifriend because you called someone an asshat.
DOUBLE POST.
Sorry- wheres the edit button.

...There it is. sorry- I'm retarded.
Post Reply