Jump to content

Search the Community

Showing results for tags 'sql injection'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 19 results

  1. URL Dumper is an Online scanner SQLi,XSS. Used too get XSS and SQL Injections vulns.. supports multi search engine, trash system, etc.. Features: -Get all page links by advanced technique with regular expression; -XSS Scanner (auto check all page links); -SQLInjection Scanner (auto check all page links); -Multi-Thread engine; -Get many links by search (google/Yahoo/Live Search/Altavista/Terravista) -Search in the page source by regular expression; -View Source (Code/Browser); -Trash system -Database in SQLite to organize the URL’s -Enabled Proxy server Descarca Cod sursa
  2. MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities. # Exploit Title: MySQL Smart Reports 1.0 - SQL Injection / Cross-Site Scripting # Dork: N/A # Date: 22.05.2018 # Exploit Author: Azkan Mustafa AkkuA (AkkuS) # Vendor Homepage: https://codecanyon.net/item/mysql-smart-reports-online-report-generator-with-existing-data/16836503 # Version: 1.0 # Category: Webapps # Tested on: Kali linux # Description : It is actually a post request sent by the user to update. You do not need to use post data. You can injection like GET me
  3. WhatWaf? WhatWaf is an advanced firewall detection tool who's goal is to give you the idea of "There's a WAF?". WhatWaf works by detecting a firewall on a web application, and attempting to detect a bypass (or two) for said firewall, on the specified target. Features Ability to run on a single URL with the -u/--url flag Ability to run through a list of URL's with the -l/--list flag Ability to detect over 40 different firewalls Ability to try over 20 different tampering techniques Ability to pass your own payloads either from a file, from the termi
  4. Contact Manager 1.0 - (femail) Parameter SQL Injection Vulnerability Author: Ihsan Sencan | Category: web applications | Platform: php Date add: 18-09-2017 | Risk: [Security Risk High] | 0day-ID: 0day-ID-28566 # # # # # # Exploit Title: Contact Manager 1.0 - SQL Injection # Dork: N/A # Date: 15.09.2017 # Vendor Homepage: http://savsofteproducts.com/ # Software Link: http://www.contactmanagerscript.com/download/contact_manager_1380185909.zip # Demo: http://contactmanagerscript.com/demo/ # Version: 1.0 # Category: Webapps # Tested on: WiN7_x64/KaLiLinuX_x64 # CVE: N/A # #
  5. A SQL Injection vulnerability has been discovered in one of the most popular Wordpress plugins, installed on over 300,000 websites, which could be exploited by hackers to steal databases and possibly hijack the affected sites remotely. The flaw has been discovered in the highly popular WP Statistics plugin, which allows site administrators to get detailed information related to the number of users online on their sites, the number of visits and visitors, and page statistics. Discovered by Sucuri team, WordPress plugin WP Statistics is vulnerable to SQL Injection flaw that allows a r
  6. [Complete Sql-Injection Course by Spirit] Hello guys my name is Spirited wolf and here are all my tutorial on most Common type of Sql Injection. You can say A complete Course for every Noob o, Here we go For testing purpose we need to setup some Sqli Labs for testing How things really work. Setup pentesting lab's in kali linux-Tutorial 1 Addon's For Firefox that we need by Spirit-Tutorial 2 Basic's Sql injection from finding column's to dumping database-Part 1-Turorial 3 Explanation for dumping tables and columns-Part 2-Turorial 3 Error Based String W
  7. ###################### # Exploit Title : Joomla com_showdown SQL injection Vulnerability # Exploit Author : xBADGIRL21 # Dork : inurl:index.php?option=com_showdown # version : 1.5.0 # Tested on: [ Windows 7 ] # skype:xbadgirl21 # Date: 2016/07/24 # video Proof : https://youtu.be/IglNYsDcV3g ###################### # [+] DESCRIPTION : ###################### # [+] an SQL injection been Detected in this Joomla components showdown after you add ['] or ["] to # [+] Vuln Target Parameter you will get error like : # [+] You have an error in your SQL syntax; check the manual that corresponds to your M
  8. # Exploit Title: Joomla com_enmasse - SQL Injection # Author: [ Hamed Izadi ] #IRAN # Vendor Homepage : http://extensions.joomla.org/extensions/extension/social-web/social-buy/en-masse # Category: [ Webapps ] # Tested on: [ Win ] # Versions: 5.1-6.4 # Date: 2016/06/15 # Google Dork: inurl:component/enmasse/ # PoC: # id Parameter Vulnerable To SQL # Demo: # http://example.com/component/enmasse/term?tmpl=component&id=2%27 # Youtube: https://youtu.be/LB5qVnXhzXE # L u Arg via
  9. ##################### # Exploit Title : 2016 Website Developed by Silvery Infotech sql injection # Exploit Author : Ashiyane Digital Security Team # Google Dork : "intext:Developed by Silvery Infotech" inurl:page.php?id= # Date: 20 Feb 2016 # Tested On : Windows 10 , Kali linux ################################# # Exploit And Demo: # Vulnerable PHP File = page.php # Vulnerable Parameter = id # # Attack Like : http://artlinkinteriors.com/page.php?id=-1%27%20and/**x**/@ghasem20:=concat_ws%280x3c62723e,@@version%29%20UNION%20SELECT%201,2,3,4,5,group_concat%280x3c62723e,table_
  10. Its the succsessor to havij. Its better faster and more secure. Its the best tool i could find. Licence key is included in rar. You can steal data from servers with this tool Download: https://mega.co.nz/#!Ek90QSyI!p6zSz0tIhD2cfj889AAzrOI8HAnTl61QsAAOw8-pQNI
  11. Stie careva un tutorial bun de SQL injection ca am gasit pana acum numai chestii marunte ? Mentionez k sunt familiarizat cu limbajul , trebuie sa lucrez la skill .
  12. Buna lume ! caut si eu informatii detaliate in legatura cum as putea face sql injection la un anumit site . in imagine vedeti vulnerabilitatile. Dak e cineva disponibil sa ma pot consulta cu el ii mutumesc. http://postimg.org/image/s7y9nan6l
  13. Description SQLSentinel is an opensource tool that automates the process of finding the sql injection on a website. SQLSentinel includes a spider web and sql errors finder. You give in input a site and SQLSentinel crawls and try to exploit parameters validation error for you. When job is finished, it can generate a pdf report which contains the url vuln found and the url crawled. Features Support for MySQL, PostgreSQL, Microsoft SQL Server and Oracle(BETA) sql injection techniques: union, error based and blind query(and XML Error Based for Oracle also) Automatic random user-agents f
  14. Nu mai gasesc topicul cu defcamp dar tare greu era sai spargi baza de date. Uitativa aici useri inregistrati cu numere de telefon si adrese de email Securitate ZERO !!!
  15. Am facut o scanare cu Acunetix si am gasit ceva erori Ce ziceti , cu havij merge exploatat acest site? Softairgun shop online di articoli e accessori per lo sport Multumesc anticipat
  16. Nu stiu daca a mai fost postat inainte...dar eu nu lam gasit. SQL Helper -- http://www.mediafire.com/?nvkkzyx2yjn aveti aici exploit scanner / admin page finder/brute/dorks/ si mai multe : http://www.mediafire.com/?mkcvr65s9k2op0r I.Alegem un site vulnerabil..(cautati pe google article.php?ID= ,news_view.php?id= sau website.php?id= ) copiati linkul la orcare . II.In sql helper bagati linkul si dati inject.(o sa dureze cva de site) III. Cand o sa apara Site information si value dati ''get detabase'' IV. Din detabse name alegeti o adresa si dat ''get tables' V.Acum selectati unul dintre tabele
  17. Introducere Se stie ca astazi majoritatea aplicatiilor-web îsi pastreaza datele în baza de date, deoarece acest fapt permite de a genera dinamic pagini. Aplicatia-web primeste de la utilizatori date, ulterior aceste date sunt folosite de aplicatie/script pentru generarea unei cereri la baza de date. Evident ca în majoritatea cazurilor pentru a genera cereri la baza de date se utilizeaza limbajul SQL (Structured Query Language). SQL Injection este o vulnerabilitate ce apare în cazurile cînd datele primite de la utilizatori nu se prelucreaza corect. Ca consecinta – raufacatorul potential poate s
  18. Learning Objectives After taking this tutorial, you should be able to: Categorize and explain various types of SQL injection attacks Describe coding and design strategies for avoiding SQL injection attacks Use DBMS_ASSERT to validate input values Use code review tools to identify possible SQL injection vulnerabilities Apply coding standards to eliminate SQL injection vulnerabilities http://download.oracle.com/oll/tutorials/SQLInjection/tutorial.zip
×
×
  • Create New...