 |
Menu |
 |
|
 Home |
| |
|
 Discussions |
| |
|
 Tools |
| |
|
| Affiliates |
| |
|
 Content |
| |
|
 Info |
| | |
|
|
|
|
|
User Info |
|
 Membership:
 Latest: MichaelSnaRe
 New Today: 0
 New Yesterday: 0
 Overall: 9144
 People Online:
 Visitors: 225
 Members: 0
 Total: 225
|
|
|
|
|
|
Full disclosure |
|
CyberDanube Security Research 20251014-0 | Multiple Vulnerabilities in Phoenix Contact QUINT4 UPS
apis.google.com - Insecure redirect via __lu parameter(exploited in the wild)
Urgent Security Vulnerabilities Discovered in Mercku Routers Model M6a
Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS)
[SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal
[SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files
CVE-2025-59397 - Open Web Analytics SQL Injection
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Re: Defense in depth -- the Microsoft way (part 93): SRP/SAFERwhitelisting goes black on Windows 11
Re: [FD]: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Re: [FD]Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain ? Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Samtools v1.22.1 Uncontrolled Memory Allocation from Large BED Intervals Causes Denial-of-Service in Samtools/HTSlib
Samtools v1.22.1 Improper Handling of Excessive Histogram Bin Counts in Samtools Coverage Leads to Stack Overflow
|
|
|
|
|
|
 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
|
SQL for nuubs |
|
 Posted: Mon Jul 02, 2007 9:19 pm |
 |
|
| Not_1337 |
| Beginner |
 |
|
| Joined: Jul 03, 2007 |
| Posts: 1 |
|
|
|
 |
|
 |
|
Hello,
I am all new to this sql injection and exploits for forums would someone be able to point me in the direction of how to do it, that would be very helpful and I would be very greatful.
~Regardz Not_1337 |
|
|
|
|
| Posted: Tue Jul 03, 2007 3:25 pm |
|
|
| Chb |
| Valuable expert |
 |
|
| Joined: Jul 23, 2005 |
| Posts: 206 |
| Location: Germany |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Posted: Tue Jul 03, 2007 5:27 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
My suggestion: make your home computer to testing lab.
Install:
Apache
PHP
MySql
And then try to write your first "Hello World" Php script.
Next - get some old phpbb installation with known sql injection bugs and install to your test system. And then try to hack your own computer. You have then advantage to see exactly, how sql injection and exploiting works - you can follow phpbb source code line-by-line, you can always print out debug data (var_dump($something)).
It is my believe, that self learning by (whitehat) hacking your own test system is far more better way to achieve success, then reading only theorethical stuff. Best way is to combine various learning ways - read e-books, articles, zines. Watch hacking videos (those are very popular in this days). Try it yourself @localhost. And who knows - maybe in one moment you will say "Eureka, I just spotted whole new security bug in phpbb!" 
Remember - there are no shortcuts to whitehack/grayhat/blackhat knowledge and experience. It involves lot's of time spent with testing, trying, learning, reading. But it is worth it  |
|
|
|
|
|
|
... |
|
| Posted: Fri Nov 30, 2007 5:55 am |
|
|
| GoLsT |
| Regular user |
|
|
| Joined: Nov 27, 2007 |
| Posts: 12 |
|
|
|
|
|
|
|
Just Fucking Google It
Here! |
|
|
|
|
|
|
|
|
| Posted: Mon Mar 10, 2008 10:49 am |
|
|
| starski |
| Beginner |
|
|
| Joined: Jan 29, 2008 |
| Posts: 1 |
|
|
|
|
|
|
|
| waraxe wrote: | My suggestion: make your home computer to testing lab.
Install:
Apache
PHP
MySql
And then try to write your first "Hello World" Php script.
Next - get some old phpbb installation with known sql injection bugs and install to your test system. And then try to hack your own computer. You have then advantage to see exactly, how sql injection and exploiting works - you can follow phpbb source code line-by-line, you can always print out debug data (var_dump($something)).
It is my believe, that self learning by (whitehat) hacking your own test system is far more better way to achieve success, then reading only theorethical stuff. Best way is to combine various learning ways - read e-books, articles, zines. Watch hacking videos (those are very popular in this days). Try it yourself @localhost. And who knows - maybe in one moment you will say "Eureka, I just spotted whole new security bug in phpbb!"
Remember - there are no shortcuts to whitehack/grayhat/blackhat knowledge and experience. It involves lot's of time spent with testing, trying, learning, reading. But it is worth it |
i fully agree with these. i adored you man! thanks for the word of wisdom! |
|
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
