 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
SQL for nuubs |
 |
 Posted: Mon Jul 02, 2007 9:19 pm |
 |
|
| Not_1337 |
| Beginner |
 |
|
| Joined: Jul 03, 2007 |
| Posts: 1 |
|
|
|
 |
|
 |
|
Hello,
I am all new to this sql injection and exploits for forums would someone be able to point me in the direction of how to do it, that would be very helpful and I would be very greatful.
~Regardz Not_1337 |
|
|
|
|
| Posted: Tue Jul 03, 2007 3:25 pm |
|
|
| Chb |
| Valuable expert |
 |
|
| Joined: Jul 23, 2005 |
| Posts: 206 |
| Location: Germany |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Posted: Tue Jul 03, 2007 5:27 pm |
|
|
| waraxe |
| Site admin |
 |
|
| Joined: May 11, 2004 |
| Posts: 2407 |
| Location: Estonia, Tartu |
|
|
|
|
|
|
My suggestion: make your home computer to testing lab.
Install:
Apache
PHP
MySql
And then try to write your first "Hello World" Php script.
Next - get some old phpbb installation with known sql injection bugs and install to your test system. And then try to hack your own computer. You have then advantage to see exactly, how sql injection and exploiting works - you can follow phpbb source code line-by-line, you can always print out debug data (var_dump($something)).
It is my believe, that self learning by (whitehat) hacking your own test system is far more better way to achieve success, then reading only theorethical stuff. Best way is to combine various learning ways - read e-books, articles, zines. Watch hacking videos (those are very popular in this days). Try it yourself @localhost. And who knows - maybe in one moment you will say "Eureka, I just spotted whole new security bug in phpbb!" 
Remember - there are no shortcuts to whitehack/grayhat/blackhat knowledge and experience. It involves lot's of time spent with testing, trying, learning, reading. But it is worth it  |
|
|
|
|
|
|
... |
|
| Posted: Fri Nov 30, 2007 5:55 am |
|
|
| GoLsT |
| Regular user |
|
|
| Joined: Nov 27, 2007 |
| Posts: 12 |
|
|
|
|
|
|
|
Just Fucking Google It
Here! |
|
|
|
|
|
|
|
|
| Posted: Mon Mar 10, 2008 10:49 am |
|
|
| starski |
| Beginner |
|
|
| Joined: Jan 29, 2008 |
| Posts: 1 |
|
|
|
|
|
|
|
| waraxe wrote: | My suggestion: make your home computer to testing lab.
Install:
Apache
PHP
MySql
And then try to write your first "Hello World" Php script.
Next - get some old phpbb installation with known sql injection bugs and install to your test system. And then try to hack your own computer. You have then advantage to see exactly, how sql injection and exploiting works - you can follow phpbb source code line-by-line, you can always print out debug data (var_dump($something)).
It is my believe, that self learning by (whitehat) hacking your own test system is far more better way to achieve success, then reading only theorethical stuff. Best way is to combine various learning ways - read e-books, articles, zines. Watch hacking videos (those are very popular in this days). Try it yourself @localhost. And who knows - maybe in one moment you will say "Eureka, I just spotted whole new security bug in phpbb!"
Remember - there are no shortcuts to whitehack/grayhat/blackhat knowledge and experience. It involves lot's of time spent with testing, trying, learning, reading. But it is worth it |
i fully agree with these. i adored you man! thanks for the word of wisdom! |
|
|
|
|
|
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 244
Members: 0
Total: 244
