|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 72
Members: 0
Total: 72
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
hi |
|
Posted: Fri Aug 03, 2007 7:55 pm |
|
|
valntinolove |
Beginner |
|
|
Joined: Aug 03, 2007 |
Posts: 1 |
|
|
|
|
|
|
|
hi iam a new member here many people say to me i'll be some thing in sql injection in this forum coz it has alot of prof. in this game
realy i wanna to be prof. too so i have some qustions and any one can replay plz give me also good paper or the place which he get the answer from
1-how can i updat all tables in one time without get all columns from having 1=1
2- can i get the tables and columns with this way
having 1=1 the result (admin.username)
the i make like this
group by admin.username having 1=1 and table_name not in(admin)
3- how can i get the information of the database and connect to it(mssql/mysql)
i can get the user with user() and the curent database with database()
and the host
select host from mysql.host
is that right ?
4-how can i add user to the server and iam not dbo or adminstrator so i can't use cmd_shell
5-when the magic_quites=on i cann't use select into outfile coz it's agrument must in '' so what can i do or is there anther way to upload file
i tried to crypt it or put it in concat and any thing but never worked
6-i have a lot of sites i get the table names and columns names from information_schema.cloumns but when i make the query it gives me error massage that there is not table like this !! how is that be..?
7-i have a site when i make select user from mysql.user the result be
???a??? and password ???A??? is that crypt or i havn't permtions or what?
8-how can i use show function in injection
9- why i can't user * in injection
10-how can i use sp_columns or tables ?
i know that's very boring but i think there is here some good members can help me
C U |
|
|
|
|
|
|
|
|
Posted: Tue Aug 28, 2007 4:09 pm |
|
|
ketchup |
Regular user |
|
|
Joined: May 16, 2006 |
Posts: 23 |
Location: no |
|
|
|
|
|
|
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|