Google Dork:
inurl:”id=” & intext:”Warning: mysql_fetch_assoc()
inurl:”id=” & intext:”Warning: mysql_fetch_array()
inurl:”id=” & intext:”Warning: mysql_num_rows()
inurl:”id=” & intext:”Warning: session_start()
inurl:”id=” & intext:”Warning: getimagesize()
inurl:”id=” & intext:”Warning: is_writable()
inurl:”id=” & intext:”Warning: getimagesize()
inurl:”id=” & intext:”Warning: Unknown()
inurl:”id=” & intext:”Warning: session_start()
inurl:”id=” & intext:”Warning: mysql_result()
inurl:”id=” & intext:”Warning: pg_exec()
inurl:”id=” & intext:”Warning: mysql_result()
inurl:”id=” & intext:”Warning: mysql_num_rows()
inurl:”id=” & intext:”Warning: mysql_query()
inurl:”id=” & intext:”Warning: array_merge()
inurl:”id=” & intext:”Warning: preg_match()
inurl:”id=” & intext:”Warning: ilesize()
inurl:”id=” & intext:”Warning: filesize()
inurl:”id=” & intext:”Warning: require()
Read more…
Categories: Database Security, Servers, Tutorialz Tags: Amp, Array, database, dork, Download Rar, Download Sql, Download Tool, Download Video, Exec, Google, hacking, hacks, injection, mysql, Pg, sql, Video Tool
-[ SUMMARY ]———————————————————————
Introduction
Injecting SQL
Exploiting a Login Form
Exploiting Different SQL Statement Type
Basic Victim Fingerprinting
Standard Blind SQL Injection
Double Query
Filters Evasion
SQL Injection Prevention
Conclusion
———————————————————————————
Read more…
Categories: Database Security, Servers Tags: database, db, hack, hacked, hacking, linux, microsoft, mysql, network, networking, permission, security, sql, sql injection, sql injections, user, web, web app, web security
Currently only for MySQL and Microsoft SQL Server. Most of the samples are not correct for every single situation. Most of the real world environments may change because of parenthesis, different code bases and SQL sentences.
Read more…
Categories: Database Security, Website Security Tags: cheatsheet, database, db, hacked, hacking, microsoft, MSSQL, mysql, network, root, security, sql, sql injection, sql server