Found something interesting Take a look
  • Mr. P-teo
    Posts: 270
    Hey everyone, whilst playing around I've found something interesting. Look -

    link one - www.hopelutherancranberry.org/readnews.php?id=170 " and 1=1--
    link two - www.hopelutherancranberry.org/readnews.php?id=170 " and 1=2--

    1=1 gives error but not 1=2

    Whenever it's false the page works but whenever it's correct it doesn't, what do you make of this???

    Must be something wrong here.
    Skype: mrpt3o
    Twitter: MrPteo


  • m0rph
    Posts: 332
    Not that I'm condoning what you're doing, but I have reason to believe it could be vulnerable to blind sql injection.

    I saw a video on milw0rm a long time ago on how it was done, if I remember right, if there's no errors then it's vulnerable (hence, why it's called blind sqli).

    Eventually, when you guess the table and column names, output will start to be displayed from the database.
    while( !(succeed = try() ) );
  • Mr. P-teo
    Posts: 270
    I'm not going to continue the attack, I was just looking around, but my reason was, I believe for blind 1=2 is supposed to produce the error and not 1=1, that was what intrigued me
    Skype: mrpt3o
    Twitter: MrPteo


  • m0rph
    Posts: 332
    Mr. P-teo said:

    I'm not going to continue the attack, I was just looking around, but my reason was, I believe for blind 1=2 is supposed to produce the error and not 1=1, that was what intrigued me


    I'm not too positive, because I've only briefly looked at blind sql injections and that was when I first started hacking like 3 years ago.

    There was some kind of trick about getting an initial error, but after you won't see anything except normal looking pages up until you guess the names of tables and columns.
    while( !(succeed = try() ) );
  • Mr. P-teo
    Posts: 270
    lol, we will have to wait for someone more experienced in this to find what's actually going on with that site
    Skype: mrpt3o
    Twitter: MrPteo


  • This site is using a WAF system to block certain queries. Try searching for articles for bypassing WAFs; off the top there is one by nullbyt3 that was pretty decent.

    @m0rph: blind SQL injection would be when your query doesn't directly output to the screen but it can still throw an error, so with blind you may try to select username/password from users and nothing displays, but you can bruteforce each character using ascii() and mid() or a similar technique
  • m0rph
    Posts: 332
    said:

    @m0rph: blind SQL injection would be when your query doesn't directly output to the screen but it can still throw an error, so with blind you may try to select username/password from users and nothing displays, but you can bruteforce each character using ascii() and mid() or a similar technique


    Yeah, sorry, like I said before, I've only ever looked into it once and I didn't really absorb it as well as I could today. Work is such a downer for me, that I really have no interest in anything other than drinking/women.
    while( !(succeed = try() ) );
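The true/false test discussed in this thread, seen from the side of whoever maintains a page like readnews.php, as an added example that is not part of any post: a handler that pastes `id` into the SQL text answers an injected condition, while one that validates and binds it returns the same response for both probes. The in-memory SQLite table, the function names and the simplified probe pair are assumptions made for the illustration.

```python
import sqlite3

# Constructed probe pair, modelled on the thread's "and 1=1" / "and 1=2" test.
TRUE_PROBE = "170 and 1=1--"
FALSE_PROBE = "170 and 1=2--"

def make_db():
    """In-memory stand-in for the news table (schema is an assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO news VALUES (170, 'Constructed sample article')")
    return db

def read_news_concat(db, raw_id):
    """Vulnerable pattern: the request value is pasted into the SQL text."""
    try:
        row = db.execute("SELECT title FROM news WHERE id = " + raw_id).fetchone()
    except sqlite3.Error:
        return "error"
    return "article" if row else "not found"

def read_news_bound(db, raw_id):
    """Hardened pattern: strict integer check, then a bound parameter."""
    if not (raw_id.isascii() and raw_id.isdigit()):
        return "bad request"
    row = db.execute("SELECT title FROM news WHERE id = ?", (int(raw_id),)).fetchone()
    return "article" if row else "not found"

def leaks_boolean(handler):
    """Regression check: do the true and false probes get different responses?"""
    db = make_db()
    return handler(db, TRUE_PROBE) != handler(db, FALSE_PROBE)

if __name__ == "__main__":
    for handler in (read_news_concat, read_news_bound):
        print(handler.__name__, "answers injected conditions:", leaks_boolean(handler))
```

A check like `leaks_boolean` can sit in a test suite so that a later change back to string-built SQL fails the build.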