Sinisterly
How to find the Vul SQLi on the site - Printable Version

How to find the Vul SQLi on the site - blackcobra - 02-22-2013

Hello

How can I find a SQLi on a site that has the extension *.html or another extension?
ex: example.com/products.html

How can I find a vuln on that?

Thx


RE: How to find the Vul SQLi on the site - blackcobra - 02-24-2013

Can anyone help me?

Thx


RE: How to find the Vul SQLi on the site - Cosmic_mybb_import11040 - 02-25-2013

Don't double post if no one replies.


RE: How to find the Vul SQLi on the site - 1llusion - 02-25-2013

There are several techniques, please read some SQL injection tutorial to actually understand what you are looking for.


RE: How to find the Vul SQLi on the site - blackcobra - 02-26-2013

(02-25-2013, 10:36 PM)1llusion Wrote: There are several techniques, please read some SQL injection tutorial to actually understand what you are looking for.

I read, but the tutorials only show cases where you have an ID, not html or other file extensions such as chn...


RE: How to find the Vul SQLi on the site - 1llusion - 02-26-2013

(02-26-2013, 03:50 AM)blackcobra Wrote:
(02-25-2013, 10:36 PM)1llusion Wrote: There are several techniques, please read some SQL injection tutorial to actually understand what you are looking for.

I read, but the tutorials only show cases where you have an ID, not html or other file extensions such as chn...

Oh... euhmmm... read a bit about parameters and how they are sent to the server. POST and GET methods and general stuff around.
A little introduction: http://www.w3schools.com/tags/ref_httpmethods.asp

If you have a URL of:
Code:
index.php?test=something
the ".php" is the extension and "test=something" is the parameter.


RE: How to find the Vul SQLi on the site - blackcobra - 02-28-2013

(02-26-2013, 05:49 PM)1llusion Wrote:
(02-26-2013, 03:50 AM)blackcobra Wrote:
(02-25-2013, 10:36 PM)1llusion Wrote: There are several techniques, please read some SQL injection tutorial to actually understand what you are looking for.

I read, but the tutorials only show cases where you have an ID, not html or other file extensions such as chn...

Oh... euhmmm... read a bit about parameters and how they are sent to the server. POST and GET methods and general stuff around.
A little introduction: http://www.w3schools.com/tags/ref_httpmethods.asp

If you have a URL of:
Code:
index.php?test=something
the ".php" is the extension and "test=something" is the parameter.


Which tool can I use to find the parameter? Burp....?


RE: How to find the Vul SQLi on the site - Faner - 02-28-2013

Some websites use mod_rewrite or something like that to change the URL.
For example, I have seen the webpage
Code:
http://www.website.com/articles/science/spaceship_fuel.html
and after a few tests it turned out that "spaceship_fuel" is a GET parameter for SQL. So to find an SQL injection vulnerability you need luck, experience and some brains. Basic web programming knowledge also helps.
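
Faner's point, seen from the side of the developer who owns such a site: a static-looking ".html" path can be a rewritten request parameter that ends up in a query, so it needs the same handling as any "?id=" value. This is an added example, not part of the thread; the rewrite rule (emulated here with a regex instead of mod_rewrite), the table layout and all function names are assumptions.

```python
import re
import sqlite3

# Hypothetical rewrite rule, emulating what mod_rewrite would do:
#   /articles/<category>/<slug>.html  ->  article.php?cat=<category>&slug=<slug>
REWRITE = re.compile(r"/articles/(?P<cat>[^/]+)/(?P<slug>[^/]+)\.html")
SLUG_OK = re.compile(r"[a-z0-9_-]{1,64}")  # allowlist for slugs (assumed format)


def make_db():
    """Constructed sample data, held in memory."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (cat TEXT, slug TEXT, title TEXT)")
    db.execute(
        "INSERT INTO articles VALUES ('science', 'spaceship_fuel', 'Spaceship fuel')"
    )
    return db


def route(path):
    """Return the parameters hidden in a static-looking URL, or None."""
    m = REWRITE.fullmatch(path)
    return m.groupdict() if m else None


def lookup_concat(db, params):
    """Pattern to avoid: the path segment is pasted into the SQL text."""
    sql = "SELECT title FROM articles WHERE slug = '%s'" % params["slug"]
    return db.execute(sql).fetchall()


def lookup_bound(db, params):
    """Hardened: validate the slug, then bind it as data."""
    if not SLUG_OK.fullmatch(params["slug"]):
        return []  # rejected before it reaches the database
    sql = "SELECT title FROM articles WHERE cat = ? AND slug = ?"
    return db.execute(sql, (params["cat"], params["slug"])).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(lookup_bound(db, route("/articles/science/spaceship_fuel.html")))
```

With the concatenated version, even an ordinary slug containing an apostrophe changes the SQL text and the query fails; the bound version treats every slug as a value.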