Sql Injection

HaIzI72G3TxH2G · 09/28/2005, 14:24

anyone actuley done it?i have been testing with diffrent stuff i cant seem to get it work right.

i have readed diffrent tutrials and not even 1 showed me a LIVING example.

anyways i got the general idea of it.

heres few link:

this is the best one i found ..

anyways the example(action) they puted to be tested dosent work anymore. could someone help more?

Maybe It's Maybelline · 09/28/2005, 20:07

To get this straight, learn php and mysql.
With this Languange some things should be clear,
we won't show you any living example because we
aren't a destructive community, with XSS you can
even gain root access... This isn't funny at all.
Sorry but you'r a totally ******, you can't even read
exactly. You are just like the others, you want todo big stuff without learning... If I'm wrong, show me that your different but a post tells alot about a person... If so, **** off.

http://en.wikipedia.org/wiki/XSS

HaIzI72G3TxH2G · 09/28/2005, 20:21

i do know php and mysql im learning more into it.. am working on project actuley

..

no,i'm not like the others i do seek more knowldge i like to find out new things and i dont want to lie saying i dont like knowing how stuff works or how they are made and how exploits can be found...but what i can tell you im always up for learning and i recently ben talking with friends bout sql injection and i ben searching on google for ages aboute it. ben reading for bout 5 days.

EDIT:

thank you for the site , it contains much more better infromation than the others.

Maybe It's Maybelline · 09/28/2005, 20:30

Then why for gods sake are you asking us how to use the 'exploit' XSS (Sarcasm is hiding there) if you would do know
php and mysql you wouldn't ask us such questions.
Reading does sucks, you need some tests... Open a localhost server to try it out.

Edit: the Site i've posted just should show you what XSS is, it seems in your first post
that you think XSS (Sql injection) is an exploit which always works but it depends how it is coded.

HaIzI72G3TxH2G · 09/28/2005, 20:34

Quote:

Originally posted by Marie@Sep 28 2005, 20:30
Then why for gods sake are you asking us how to use the 'exploit' XSS (Sarcasm is hiding there) if you would do know
php and mysql you wouldn't ask us such questions.

i dont know evreything , basicly each time i try to code a new thing i look at other pepole source codes(examples)and work from there.

this is what i ben worried aboute,recently a guy stoled my whole website (.php files) and posted it on site for download.. i couldnt protect myself i kept changing passwords but no use.. but then i knew how he did it and it was all aboute the quote ....

Knowing what can be done can sometimes help Preventing what can be done.

Maybe It's Maybelline · 09/28/2005, 20:38

Continue learning php, already disabling/enabling the quotes (As you said... Or I hope you'Ve meant magicquotes)
can do wonders... But if you want to prevent you need to know how something works. Like in all languanges
you'll learn fast the weaknesses and how to prevent it, so learn more php.