Tuesday, September 25, 2012

Check SQL Injection in Best 3 Steps

This is my post at hackers club friends, I am very glad and happy to write it. I have heard a lots of people nowadays ask on How to Check SQL Injection   I hope you will really enjoy it 
So Today I'm learning SQL injection (SQLi) indepth so I will try teaching you guys a little of that as well.SQLi is the most popular attack on any website these days.There has been an enormous increase in SQL programmers and websites,and the biggest problem with SQL is "Either your perfect/hacked".Due to poor
coding programmers often leave vulnerabilities in their site and hackers its our job to inform them and patch them up.So lets see

how to check if a site if vulnerable to SQLi




Since this is still the basic,there is nothing much to do.All you have to is:


1.Get a site which uses SQL queries.For your convinc,in simpler terms it is any site which has "
www.site.com/something.php?ex=43".You must have seen tons of such sites.Note: NOT all sites which have "=" use SQL queroes it might also use "PHP Get/Post method".

2.Once,you have a site like then just intersert a inverted comma(') like this "
www.site.com/something.php?ex=43'".

3.If the site is vulnerable to SQL then it would return an error something like this.You might get an error like this "
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' AND single_group = "S"' at line 1"

This error need not be the same always,as long as you get an error you can tell that the site is vulnerable to SQLi and its up to you to become a her and report to the site admin.

         Best Of luck

No comments: