Silvernews Admin Sql Injections

Articles Metasploit Framework Windows Tutorial Remote Desktop Connection Windows Processes That May Be Dangerous How-To use NetCat a Tutorial Common Linux Commands Common Ports Netcat Commands HTTP Response Codes War-Google Hack Terms Wardriving Avoiding Social Engineering and Phishing Attacks Intrusion Detection on Linux Linux Intrusion Detection Penetration Testing Guide Penetration Testing Tools Social Engineering Fundamentals, Part I: Hacker Tactics Social engineering (computer security) The Psychology of Social Engineering The Archives General GSO GovernmentSecurity.org News & Suggestions In The News Open Topic General Security Information Trash Can Exploit & Vulnerability Mailing List Archives Trial Member Forum Product and Program Reviews GSO Tutorials System Security Windows Systems Beginners Section Linux & Unix Systems File Downloads Exploit Research & Discussion Trojan & Virus Errata Networking Security / Firewall / IDS / VPN / Routers System Hardening E-Mail Security Wifi Security Trial Member Uploads Upload discovered Trojans & Mal ware GSO Programming Section C , C++ , VC++ Visual Basic .NET Perl /CGI Java/Javascript PHP/XML/ASP/HTML Assembly + Other The Cork Board Network Security Consultant Directory Network Security Jobs The Archives Encryption Information General Network Security Internet Anonymity HTTP Protocol Security Linux Security MS IIS Information Exploit Articles Programming / Tool Design GSO Software Projects Public Downloads Microsoft Security Questions and Papers		Help - Search - Member List - Calendar Full Version: Silvernews Admin Sql Injections GovernmentSecurity.org > General GSO > Trial Member Forum Erliene Aug 4 2005, 03:22 AM User: ' or isnull(1/0) /* Pass: whatever Source: http://www.securityfocus.com/bid/14466/exploit To find Silvernews site, just Googling with "allintext: powered by silvernews" keyword n.n.p Aug 4 2005, 09:16 AM Interesting, never seen one with that form before Sylveste Aug 7 2005, 05:11 PM QUOTE(n.n.p @ Aug 4 2005, 10:16 AM) Interesting, never seen one with that form before Yeah, but are there any important improvements compared to the known Forms (' or 1=1 and so on) ? lobas Aug 7 2005, 11:11 PM lol i cant eblive something this simple actually worked IcedOut3E Aug 16 2005, 06:51 PM I as well have never seen the " ' or isnull(1/0) /* " type used in an sql injection. I understand that isnull(1/0) evaluates to true but what is the /* used for? Axl Aug 16 2005, 11:23 PM the /* ends the execution of the sql query...that why you cant input whatever you want as password lets say the query that is normaly executed is: select * from blabla where username=x and password=y ..... by using the sql injection you change the query to select * from blabla where username=' or 1=1 /* 1=1 is always true so it will select the first entrance in the db as the user(in this and many other cases=the admin) and thats it,its one of the most simple methods of sql injection IcedOut3E Aug 17 2005, 05:15 AM QUOTE(Axl @ Aug 16 2005, 07:23 PM) the /* ends the execution of the sql query...that why you cant input whatever you want as password lets say the query that is normaly executed is: select * from blabla where username=x and password=y ..... by using the sql injection you change the query to select * from blabla where username=' or 1=1 /* 1=1 is always true so it will select the first entrance in the db as the user(in this and many other cases=the admin) and thats it,its one of the most simple methods of sql injection Thats what I thought it was. I usually see it as a "--" (dash dash) but it all makes sense now. Thanks for the clarification. This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here. Invision Power Board © 2001-2005 Invision Power Services, Inc.