Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
The ha.ckers.org and sla.ckers.org web application security lab house rules and a place for you to introduce yourself if you like. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Hi
Posted by: Mighty Racoon
Date: February 23, 2009 02:39PM

Hi...

I was trawling the web looking to learn a bit about XSS and SQL Injection, and this looks like a really good place to learn.

So I'm basically introducing myself, and hoping that you guys on here are nice guys and pretty helpful =]

Where should I start looking to learn the basics of XSS and SQl Injection?

Thanks, and I hope to be chatting with most of you pretty soon in the future :)

Racoon

Options: ReplyQuote
Re: Hi
Posted by: backbone
Date: February 23, 2009 08:38PM

Hi there...

Google to the rescue for XSS and a blog post I did a couple of days ago SQLInjection (selfish self promotion, but got some interesting resources :)...

After that try some challenges, there were posted quite a few somewhere around here.

XSS Challenge and SQL Injection (on the sql injection challenge only the login bypass/blind sql injection sections work).

---
blog [-] microblog

Options: ReplyQuote
Re: Hi
Posted by: Mighty Racoon
Date: February 25, 2009 03:15PM

Hey,

Thanks very much...

I'm still struggling to understand the SQL stuff, and can't seem to get past level 1 on the login bypass challenge...I just get a syntax error :S ah well, I'll keep at it!

Thanks anyway mate,

Racoon

Options: ReplyQuote
Re: Hi
Posted by: backbone
Date: February 26, 2009 02:52AM

the simplest way to learn is to install a sql server locally and run SQL commands on it... challenges are there to give you ideas about the ways vulnerabilities are found on the web.

cheers...

---
blog [-] microblog

Options: ReplyQuote


Sorry, only registered users may post in this forum.