 |
|
 |
 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 129
 Members: 0
 Total: 129
|
|
|
|
|
|
Full disclosure |
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
my 1st noob question about sql injection |
|
 Posted: Thu Jul 03, 2008 12:04 am |
 |
|
| droidman |
| Active user |
 |
|
| Joined: Dec 10, 2007 |
| Posts: 31 |
|
|
|
 |
|
 |
|
with the new SALTED md5 its almost if not impossible to crack a password so... is it possible in any way to ADD a new admin user or change a password using sql injection instead of getin' the salted md5 ?
(on a joomla website for example) |
|
|
|
|
| Posted: Fri Jul 04, 2008 11:37 am |
|
|
| siurek22 |
| Regular user |
|
|
| Joined: May 31, 2008 |
| Posts: 13 |
|
|
|
|
|
|
|
| if the server is on linux it is imposible but if on windows you can tray write normall mysql code to add |
|
|
|
|
| Posted: Fri Jul 04, 2008 11:07 pm |
|
|
| droidman |
| Active user |
|
|
| Joined: Dec 10, 2007 |
| Posts: 31 |
|
|
|
|
|
|
|
| siurek22 wrote: | | if the server is on linux it is imposible but if on windows you can tray write normall mysql code to add |
hmm... damn :/ i belive this one is linux. thank you for your help |
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|
