check for sql injection! mediafire(dot)com/?d4d9ackbidf­77go <== cracked version of havij with new modules!

Program to search for vulnerabilities in php scripts

You can download the program go to:

rapidshare. com/files/454622728/security.r­ar

depositfiles. com/files/946egeo54

Note:

In reference to remove blank!

The file can swear antivirus!

The text isn't too small if you use "full screen" mode.

well played...

at 1:31 if you pause you see that persons name and SSID... I wonder if that person really exists and if they do .. that is messed up !!

@Mikey7231980 damn. 30 something and barely going to college. But atleast they tried right

es raro porque ahora .net tiene herramientas para evitar la inyeccion sql a traves del sqlcommand, el codificador de esa web es charcha

@zaperhash

Si. Estos webmasters le valen madre ni quieren modificar sus websites para que son mas seguros.

it cant be that easy

What did you do to the video?

The Pause button doesn't work!

you can user

anything' or '1'='1

@johved Or...

anything') or ('1'='1--

download

LOL nice I want to try that but they probably have higher security now

nice one LOL

I remember about that site,i was inside admin panel long time ago...It is vuln on asp sql injection...Gj bro

this is not sql injection.... he has access to admin..... u can look carefully if u r smart ...... /:)

This is and SQL Injection FYI. If he really was an admin then what about the news report. ot how about entering the same thing in User and Pass

what is he writting as commands?

what is he using for the username and password ?

'or"a"or'

'or''a' ... it's too small for me to see

a tip for anyone who is tryin to do this.. do it from a proxy... will make it harder to catch u.

unless if you "steal" their database, they'll pretty much never find out, unless it's a government site, and government sites written in sql are far and few between.

@xDontFaintx wtf?!?! can thay catch me? I did not know it. I have already done it

@xDontFaintx VERY VERY TRUE!

good point

I think the FBI are more interested in things like Operation Bot Roast to worry about minor kiddie hacks like SQL Injection anymore. It's old news.

I bet if the FBI were smart and just DDoSed the shit out of all the irc servers, that would take care of a huge part of the botnets out there.

@sinschild07 Um... There are multiple-millions IRC servers. DoSing them isnt an option.

I guess denning  sql injection is pretty much the webmaster job.. my sites are SQL safe.. Rails power =)

wow man if they catch u u can get in serious trouble talking 19 years of prison

moron..

look mate, ur the one fkin idiot posted here.

why do you watch/comment videos about topics, you don't even know?

omg kill urself...

This DOES work, you just have to dig very deep in google searches. I found a couple, got into the admin, and left. Don't want to do anything to malicious :D The one was a freaking flower shop, I'd feel bad...

Nice! ^^

Great video. VanHoolPilot is fascist don't let him convince you of anything.

way too fast..

YOur plain stupid. Talk when you learn not to triple post.

simple shit

SQL injection is one of the easiest exploits...if you haven't patched it, you shouldn't be a site admin.

This is plain stupid - people think they know lots because they practice SQL injection. And if people are wondering why it doesn't work, it's probably because the site owner has cleared the input from SQL injection using the mysql_real_escape_string PHP function.

what the fuck!!!

come on! this is not sql injection! you're just guessing login and password. sql injection by definition must be an sql command that does something to your database for example erase it. here you do login.

You are wrong. He is using injecting an OR command so when it checks the username it is sedning something like this to query the database 'IF USERNAME = ADMIN OR NOTHING = NOTHING THEN LOGIN = TRUE'  Something long those lines.

This video is useless becuase the text is too small to read...

@kurtisgod84

you just need some glasses

i can see user and pass

i cant seem to do it on d website now O_O

when it work wht u right in the username and password because its not clear

Well VanHoolPilot right now your a leech on the ass of this video, so kindly fuck off.

VanHoolPilot shut the fuck up if you dont like it then dont search this shit

nice tut man realy helped me out 5/5 =D

Dude what you mean when saying check into a PHP book b'cause I already have one of the oldest volume of the PHP for webpgs but is from 1999, I'm not sure how much the code has changed since this edition I got. PHP are new editions too like microsoft things you know visual studio 5.0 to version 9. something or is the same code always.

Say whatever u want, write whatever u can,

nothing can stop US!

p/s:Fuck you VanHoolPilot. lol~

He's ehh... not the brightest person.

He thinks he's making a difference. There's no stopping his evil now...

lol.

could you tell me how to find the site like that i mean is not the official school site then what site is?

@r3muXr3mu U.S.? =))))) lol man. Russia and Romania kick asses.

@cableguy91

Romania LOOOOOOOOOOOOL

Im not shure that you really have computers and electricity.

LOOOOOL

@Geilo999 shut up troll. go cry in a corner.

@r3muXr3mu fucking retarded skiddie



Now now, calm down. No need for caps lock.

Ethical hackers are the ones that are hired.

They are not(annoying caps lock nonsense-name here).

What you say his true but what I most believe if that the US is trying to do that over anybody. They are trying to control the entire planet...this is even more wrong!

Dude when did you post this? Actually all my respect for you I guess you might have a very high IQ to inject a webpage but somehow doesn't look real. Well I will try to hack into one first so I can believe you. But by now Very Smart do. very smart.

It works. Read up on php and SQL, then start looking into SQL Injection.

Oh that's right in your warped sense of right and wrong. You post in support of criminal activity and that's fine, but somehow my comment pointint out it is criminal as are those who participate in that criminal activity is out of line? Hackers are LEECHES on the ass of society. PERIOD!

So you're saying that ethical hackers, the ones that hack to find vulnerabilities and proceed to fix them and inform others, are the LEECHES on the ass of society? The ones that help defend your computer?

Like I said, it's entirely clear you just do not understand the concept of leaving people alone, not bothering people, not destroying things that do not belong to you, not breaking into a property not your own. You criminally hack into computers and that to you is OKAY, but I am somehow WRONG in recognizing it for what it is? Criminal! Unethical! ---- Fact is, you just don't get it! Your parents should be sued for malpractice THEY CLEARLY FAILED THEIR DUTY TO TEACH YOU RIGHT FROM WRONG!

Are you quite finished?

I don't want to get any e-mails about your annoying comments.

They taught me fairly well, if I do say so myself, but this is YouTube, not a blog.

Also, would you mind explaining why you took the time to search for a video only to post a rather crude comment explaining something he fully understands?

"Feeling of accomplishment or whatever?" Makes no sense whatsoever. You sit here RATIONALIZING that it is okay to hack into somebody else's computer. There's simply no argument to support that CRIMINAL ACT which is justifiable.

You don't know the difference between having an education and being an emotional and social retard. Clearly you do not understand the concept most intelligent people, MATURE people do understand and that is BECAUSE YOU CAN DOESN'T MEAN YOU SHOULD! It was your parent's job to teach you that, clearly they failed.

lolkay

bai naow

Have fun with your feeling of accomplishment or whatever.

Haking by injection SQL = LAMMER

I think he means that hackers and spammers have proper educations and should be hated because his IQ is, obviously, abnormally low. I don't see how you can offend a bunch of "MAGGOTS" such as the educated people you seem to hate so much by posting an annoying YouTube comment. Get off the internet. Now.

I'm sure he was fully aware of the risks. The only thing he should be afraid of is some retard claiming to send a video to the FBI. First of all, I can tell that by the way you attempt to insult him on the internet, that you're not smart enough to download this video. Or know how to send things to the FBI. Or use e-mail. Second, his parents must have been functional members of society because, unlike your parents, they got him educated. He was smart enough to know this. You were not.

But i know how :)

Good hacking/warez/tutorials website in my profile saince youtube wont let me put it in. go ahead and register!

what did you use in 1:06 part of video ??

what loginID and password ?? i can't see..

chan you give my the page where i chan find the sql injection? pm

I'm getting tired of replying to these comments. You're wasting your time you ignorant fool.

is the injection doesnt work right click on the website and selct "view source" and it gives you te codes for the webste delete the javascript save it to my documents and the paste the html code in the ip address then try sql injection

just so ya'll know these real short SQL injections only work on weak websites like churches and a few small schools.

Simple as it may be to hack into a site using injection, its almost even simpler to counter. Just check the string for illegal characters and noone can hack your site using that method.

nicely done bro but this will not owrk at any government website or even city website their nto as stupid as they used to be....

please tell me where i get the SQL Injection

Where I can find SQL commands.I look at google but I don't find.Give me link to the site with the commands pls.

this was actually decent good job m8

motherfuckers hackers!!

hehe =)

nice i use the same thing

lol. You champ

lol, people that host websites without protecting from sql injections deserve to have them hacked. It's not exactly a Hard thing to do..

No of course it will not work at that site anymore. You have to find other targets. And there are other targets. Do not be afraid to step in the water and surf with google to find more.