0

how to break into a https site accept SQL injection

plz give any reference link, that'd great

21st Jun 2016, 7:42 PM
kev
kev - avatar
3 Réponses
0
Script kiddy?
23rd Jun 2016, 10:47 PM
Christian
0
DON'T if you don't own it you are breaking the law. further more it's annoying and arguably immoral.
24th Jun 2016, 3:35 PM
josh mizzi
josh mizzi - avatar
0
Use google dorks to find a site. For example say there is a sight called www.site.com/index.php?id=1. To test the site you would put an ' at the end number of "id=1", so it should look like this id=1'.Then you use the order by functiion to find out how many tables their are. You keep raising the number till you get an error then you go to the number before the error. Then you use "Union All Select 'how ever many tables their are'" for example Union All Select 1,2,3,4,5,6. And you keep using union untill your done. This is a union based sql injection. Ask me question if your confused.
21st Jul 2016, 3:57 AM
manny