SQL Injection Attack in search form

Re: SQL Injection Attack in search form

huz — Wed, 28 Mar 2012 10:15:57 -0500

i am not understand much details about the alternate encoding.. what i know is to put the statement in the different form but in the same meaning..

anything else? for example how it can be done or something else..

any help would be appreciated.. :) thnks!

Re: SQL Injection Attack in search form

dangerbear — Tue, 27 Mar 2012 09:48:00 -0500

You can try different encodings for the characters you're trying to inject. Look online and find some cheat sheets with alternate encodings. Also, some SQL injections do not require any quotes/slashes, so keep that in mind.
For the XSS, you can try using a null byte ( %00 ) and see if that changes its behaviour. Or, again, look for a cheat sheet with some filter evasion techniques.

Re: SQL Injection Attack in search form

huz — Mon, 26 Mar 2012 01:45:18 -0500

the_storm Wrote:
-------------------------------------------------------
> This maybe is one reason you might try another web
> browser, or maybe there is some filteration in the
> website against XSS attacks :)

thanx! i'll try that later...but is xss been secured?

Re: SQL Injection Attack in search form

the_storm — Sun, 25 Mar 2012 15:52:36 -0500

This maybe is one reason you might try another web browser, or maybe there is some filteration in the website against XSS attacks :)

Re: SQL Injection Attack in search form

huz — Mon, 19 Mar 2012 19:26:29 -0500

@Reiners
thank you for your reply!
i don't know, just try to attack the web.
but i have put backslash just like you said.. i put "some\" and the result is..
Sorry, your search: "some\\" returned zero results
i think it use magic_quotes. how to bypass that?
i tried to encode but the result is the one that i encode.

@the_storm
thanks!
i tried putting this one
""
but the result is
Sorry, your search: "" returned zero results
i think this is because of my browser. current version of web browsers are already secured from xss isn't it?

Re: SQL Injection Attack in search form

the_storm — Mon, 19 Mar 2012 17:42:57 -0500

I dont think it is vulnerable to SQLi but you should try XSS!! I think it is vulnerable !

Re: SQL Injection Attack in search form

Reiners — Mon, 19 Mar 2012 08:11:50 -0500

it is probably not vulnerable to SQL injection. note the escaped single quote. is the backslash \ escaped too ?

PS: although your description is not that detailed it is nice to see a thread again without "please hack http://url/".

SQL Injection Attack in search form

huz — Sun, 18 Mar 2012 22:15:45 -0500

hello guys, i have one question here..

i have a website using php..i tried to launch the attack through the search form but i failed.. when i put some statements in the field, the result showed back the statement i given earlier..

for example, i put " ' or 1=1-- ".. and the result is..

Sorry, your search: "\' or 1=1--" returned zero results

it keep repeating what i put in the form.. anyone can help me?
thank you in advance! :)