This is my post at Bmmekwan.tk
friends, I am very glad and happy to write it. I have heard a lots of
people nowadays ask on How to Check SQL Injection I hope you will really
enjoy it
So Today I'm learning SQL injection (SQLi) indepth so I will try teaching you guys a
little of that as well.SQLi is the most popular attack on any website
these days.There has been an enormous increase in SQL programmers and
websites,and the biggest problem with SQL is "Either your
perfect/hacked".Due to poor
coding programmers often leave
vulnerabilities in their site and hackers its our job to inform them and
patch them up.So lets see
how to check if a site if vulnerable to SQLi
Since this is still the basic,there is nothing much to do.All you have to is:
1.Get a site which uses SQL queries.For your convinc,in simpler terms it is any site which has "
www.site.com/something.php?ex=43".You must have seen tons of such sites.Note: NOT all sites which have "=" use SQL queroes it might also use "PHP Get/Post method".
2.Once,you have a site like then just intersert a inverted comma(') like this "
www.site.com/something.php?ex=43'".
3.If the site is vulnerable to SQL then it would return an error something like this.You might get an error like this "
You
have an error in your SQL syntax; check the manual that corresponds to
your MySQL server version for the right syntax to use near '\' AND
single_group = "S"' at line 1"
This error need not be the same always,as long as you get an error you
can tell that the site is vulnerable to SQLi and its up to you to become
a her and report to the site admin.
Best Of luck
Comment us For Batter Results
No comments:
Post a Comment