| Main » Articles » Web Hacking » SQL Injection |
How to Check SQL Injection in 3 Steps ?
 I'm learning SQL injection (SQLi) indepth so I'll try teaching you guys a little of that as well.SQLi is the most popular attack on any website these days.There has been an enormous increase in SQL programmers and websites,and the biggest problem with SQL is "Either your perfect/hacked".Due to poor coding programmers often leave vulnerabilities in their site and hackers its our job to inform them and patch them up.So lets see how to check if a site if vulnerable to SQLi
Since this is still the basic,there is nothing much to do.All you have to is:
1.Get a site which uses SQL queries.For your convinc,in simpler terms it is any site which has "www.site.com/something.php?ex=43".You must have seen tons of such sites.Note: NOT all sites which have "=" use SQL queroes it might also use "PHP Get/Post method". 2.Once,you have a site like then just intersert a inverted comma(') like this "www.site.com/something.php?ex=43'". 3.If the site is vulnerable to SQL then it would return an error something like this.You might get an error like this "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' AND single_group = "S"' at line 1" This error need not be the same always,as long as you get an error you can tell that the site is vulnerable to SQLi and its up to you to become a her and report to the site admin. That's it ! | |
| Views: 1001 | Rating: 5.0/1 |
| Total comments: 0 | |
