hacker.org

i wrote this in a website which have vulnerability in SQL INJECT:

user ID : 'or''='
password: 'or''='

all of my friends can do it!!!
but i can't!!!!
what is my mistake???

someone can tell me? please.......

no mistake

the web u were trying replace char(')

so u can not access by this mean

please give me example !!!!
thanks..

hi everybody sry for spam
this info is very good for you (work)
i sell ccv very cheap

US: 2$ / cvv : (master , vista)

US: 3$ / cvv (discover, amex)


UK , CA , italy

Mail + pass , mailer, phpmailer ....

No scam, no rip, no test free ... and don't talk more
If u want :
Send money then i check new cvv and send you cvv good

Min payout : 5cvv thanks

if buy more ... > 50 cvv > 100 cvv then have price cheap cheap :X

If u buy over 50, I will sell for you good cheap, good price I only accept payment with LibertyReserve

contact me : onlinetrade34@yahoo.com

SRY spam

onlinetrade34 wrote:hi everybody sry for spam
this info is very good for you (work)
i sell ccv very cheap

US: 2$ / cvv : (master , vista)

US: 3$ / cvv (discover, amex)


UK , CA , italy

Mail + pass , mailer, phpmailer ....

No scam, no rip, no test free ... and don't talk more
If u want :
Send money then i check new cvv and send you cvv good

Min payout : 5cvv thanks

if buy more ... > 50 cvv > 100 cvv then have price cheap cheap :X

If u buy over 50, I will sell for you good cheap, good price I only accept payment with LibertyReserve

contact me : onlinetrade34@yahoo.com

SRY spam

If you're sorry, stop spamming and get a fucking job, asshat.

hey.. brother this topic not to sell CC or CVV
please dont spamming at here...

go out.. ...

You don't want to learn SQL injection since it currently don't have much use.

we've already been through this about SQL injection, to any passers by - if you use SQL in applications then it's nothing more to figure out SQL injection and even if you don't use SQL but are interested in website security then by all means go ahead and learn it. It might also be useful for me to point out that most things Liidian states are in fact the opposite of how things are in reality so you will actually lean more by remembering the inverse of what he comes up with.

its a primitive technique ....u wont be able to penetrate in websites using Apache,or SQL based databases....SQL Injection can only be successful on Microsoft's database 2005,...!!

How is that meant to be the case? As long as the database back-end runs on SQL requests and these requests are dynamic then the system is open to SQL injection. Thats a comment of Liidianithic proportions

Liidian wrote:You don't want to learn SQL injection since it currently don't have much use.

anicoolrocks wrote:its a primitive technique ....u wont be able to penetrate in websites using Apache,or SQL based databases....SQL Injection can only be successful on Microsoft's database 2005,...!!

Where do you idiots come up with this shit? Before you try to make a post that you think is fact, you might want to verify it. The majority of websites that are compromised are because of SQL injection. SQL injection is not a vulnerability in any particular database application. It's the lack of the developer validating user input. As codex already pointed out, if the database runs on SQL it can be attacked if appropriate input validation is not in place.


Have you guys considered learning about a subject before making assumptions. The only thing primitive here is you.

Seriously. Why would a hacker spam a room full of hackers? That seems paradoxical to me.
Sub question, what is it they're selling? what's a cvv?
Oh.
First post by the way. n008 for the w.i.n.
Isn't sql injection just trying to access the back end of a server by inserting random variables in the url address?

PaRaDoX wrote:
If you're sorry, stop spamming and get a fucking job, asshat.

win. you should be my new digifriend because you called someone an asshat.
DOUBLE POST.
Sorry- wheres the edit button.

...There it is. sorry- I'm retarded.