MySQL Injection with SQLHelper. (For noobs)

ErroraBorealis · 05-21-2013, 08:00 PM

(05-21-2013, 06:50 PM)Sapientia Wrote: Theres a way to use it on windows

(05-21-2013, 07:13 PM)Unmasked Wrote: You can use it on windows it's just a python script.

I thought it was linux only. Makes it a little easier to not have to run a vm.

Unmasked · 05-21-2013, 09:33 PM

(05-21-2013, 08:00 PM)Sinisterkid Wrote: I thought it was linux only. Makes it a little easier to not have to run a vm.

Nope back when I had a PC I used to run it, you just need to have python installed.

i0xIllusi0n · 06-21-2013, 05:19 AM

(05-21-2013, 06:39 PM)Sinisterkid Wrote: I don't think sqlmap is for windows is it though? I just use backtrack in a vm if I need linux for something like this.

SQLMap is written in Python which is for Windows too.

Skosh · 06-21-2013, 05:28 AM

Is there a specific link I need to put or just the site one? Im new to this.

Nefarious · 06-21-2013, 05:55 AM

(06-21-2013, 05:28 AM)Skosh Wrote: Is there a specific link I need to put or just the site one? Im new to this.

Use a google dork to find possible vulns, add a ' after the number in the url to see if you get a mysql error.

mig4ng · 06-29-2013, 03:28 AM

got a vunerable site but I'm getting this: "Could not get no. of columns for uknown reasons, if you entered a 'true keyword' and nothing, get the columns manually"

yokai_old · 06-29-2013, 05:11 AM

(06-29-2013, 03:28 AM)mig4ng Wrote: got a vunerable site but I'm getting this: "Could not get no. of columns for uknown reasons, if you entered a 'true keyword' and nothing, get the columns manually"

Then learn SQL and do it manually..or use sqlmap?

Nefarious · 06-29-2013, 09:02 AM

(06-29-2013, 03:28 AM)mig4ng Wrote: got a vunerable site but I'm getting this: "Could not get no. of columns for uknown reasons, if you entered a 'true keyword' and nothing, get the columns manually"

That means the tool will not work for that site, or it's not vuln.

mig4ng · 06-29-2013, 06:26 PM

it is a vunerable site because I've access to the database, I got it from other bug, but I want to learn sqli, I'd like to learn how to make it manually but unfortually I can't find any tutorial.

i0xIllusi0n · 06-29-2013, 08:02 PM

(06-29-2013, 06:26 PM)mig4ng Wrote: it is a vunerable site because I've access to the database, I got it from other bug, but I want to learn sqli, I'd like to learn how to make it manually but unfortually I can't find any tutorial.

You know, actually learning SQL helps with SQL injection.

Or you could just look here http://pastebin.com/ruDvYW7u