sql injection

ebrizzlez · Post by **ebrizzlez** » 15 Apr 2009, 22:21

http://rapidshare.com/files/221895574/hackerwebexploit.tar.gz.html

Thats the source file of the cd-rom image of a great book on the topic of web hacking, Hacker Web Exploitation Uncovered, in the following file is a bunch of vulnerable PHP scripts open to various attacks. Just setup your own apache server, imo, WAMP is easy to setup, just install and run:

Code: Select all

http://www.wampserver.com/

You must remember we hack to learn, not learn to hack. And hacking isn't about fun, it's about learning, the more we know, the more we can help others. Hacking to destroy, or for malicious intentions is not what hacking is all about, hacking to help improve security is what communities such as suck-o thrives on. Security awareness is also very important in todays society.

If you go out in the world and start trying all these SQL Injections on random sites you googled, not only have you be predefined as a major skiddie, your intentions are already set to be wrong and random malicious activities, and not only would you be damaging many sites, you might inhand, be caught. Some websites "present" themselves as if they were vulnerable to a certain attack, but secretly are patched, so when you try these attacks, the logs light up like a christmas tree and they would eventually report you and blacklist your IP.

So stay safe, and remember when hacking, don't get too wet and use some protection as well, such as proxies and firewalls, and condoms.

Achkiller · Post by **Achkiller** » 15 Apr 2009, 22:31

ebrizzlez wrote:
Code: Select all
http://rapidshare.com/files/221895574/hackerwebexploit.tar.gz.html
Thats the source file of the cd-rom image of a great book on the topic of web hacking, Hacker Web Exploitation Uncovered, in the following file is a bunch of vulnerable PHP scripts open to various attacks. Just setup your own apache server, imo, WAMP is easy to setup, just install and run:
Code: Select all
http://www.wampserver.com/
You must remember we hack to learn, not learn to hack. And hacking isn't about fun, it's about learning, the more we know, the more we can help others. Hacking to destroy, or for malicious intentions is not what hacking is all about, hacking to help improve security is what communities such as suck-o thrives on. Security awareness is also very important in todays society.

If you go out in the world and start trying all these SQL Injections on random sites you googled, not only have you be predefined as a major skiddie, your intentions are already set to be wrong and random malicious activities, and not only would you be damaging many sites, you might inhand, be caught. Some websites "present" themselves as if they were vulnerable to a certain attack, but secretly are patched, so when you try these attacks, the logs light up like a christmas tree and they would eventually report you and blacklist your IP.

So stay safe, and remember when hacking, don't get too wet and use some protection as well, such as proxies and firewalls, and condoms.

Alright thanks alot for the info. hope to see you around the site

Achkiller · Post by **Achkiller** » 15 Apr 2009, 22:44

Do u have downlaod link for http://www.wampserver.com/?

i cant understand anything its in french

Achkiller · Post by **Achkiller** » 15 Apr 2009, 22:55

any one have a tut on this?

Post by **bad_brain** » 16 Apr 2009, 05:22

not a real tut, but still very good:
http://ha.ckers.org/sqlinjection/

here you can get a nice Apache web server package for Windows:
http://www.apachefriends.org/en/xampp.html

ebrizzlez · Post by **ebrizzlez** » 16 Apr 2009, 14:11

Opps.

Code: Select all

http://www.wampserver.com/en/index.php

Thats the english version of the site.

And as b_b mentioned before, Xampp is another great apache package you can use. You should mess around with both and see which one you would prefer.

hpprinter100 · Post by **hpprinter100** » 07 Nov 2009, 11:31

thx that was useful for the realistc mission 2 ( on hackthisiste.org)