brute force on sql

06/05/2008 03:27 Melroth#1

hello,
i hope this is the right tread
recently my private server for a game called tibia was hacked into and messed about i found out the person who done it and i would like to return the favour to his server,

a friend of mine manged to do this in a few mins to some other servers but i would like to know myself how to do it

basically i want to retrieve the username and password to a phpadmin
using brute force but with having little knowlegde if any about how to a private msg or a reply from somone who could explain to me if i give u the target if they could explain how they did it would be much appreciated.

thank you for your time

Melroth.

06/05/2008 04:37 Melroth#2

Ok i just found out that he used SQL injection not brute force so if anyone knows how to do it using that could they run it by me thx alot

06/05/2008 08:46 verT!c4L#3

Sql injection is a really nasty thing. You should take a look at your Verifications etc.
There are possibilities to prevent sql injection!

06/05/2008 15:54 Melroth#4

Ya the guy that done it to me put some kind of worm thing that destroyed everything in my database ...

tbh what i wanna do is do it back to him but not as bad as that i just wanna get into his database and change a few things for example on his website change his homepage logo to "What Goes Around Comes Around" stuff like that i know it sounds abit pointless but if anyone has an idea on how im able to get into it id be very greatful

btw its for a private server of a online game using xxamp databse phpmyadmin 2.11.4

thank you

06/05/2008 20:26 Atheuz#5

Quote:

Originally Posted by Melroth

Ok i just found out that he used SQL injection not brute force so if anyone knows how to do it using that could they run it by me thx alot

Go learn PHP and My/Ms/SQL.

06/05/2008 21:43 Melroth#6

thats mainly the reason why i am asking here for somone to give me an example and from that i learn from it i could spend weeks months evan years going on the tuts but as ive come to find a few that i thought would be promising im still left with the same conclusion "what am i looking at?" "what does this mean?" "why am i looking at this and finding myself starting to drag my eyes down and stare at my keyboard counting how many buttons there are" simply cause i have no idea what im meant to be looking at..

so i am on here mainly because ive found alot of useful info in the time ive been here and asking somone just to simply explain to me how to do some things so i can learn from what i allready know would really help me out.

thx once again

06/05/2008 23:22 verT!c4L#7

u wanna be a hacker? then think like one... u need informations about your victim, u know which system he uses.. go google if there are any known issues with this system... it's not as hard as it might sound. if u know how to code, you should be able to get it, let me know if u were successful ;)

06/05/2008 23:54 Melroth#8

well from what i do know is his ip the port he has open "80" the webserver he uses the "xxamp" server website layout is "Nicaw" .. bout it atm ya ill let u know