Jump to content

Recommended Posts

Posted

hi i got IP for the DB on the server i play on, and i wanted to know if theres like some kind of ms sql exploit thing i can throw at it to get in xd

 

 

Check the Back Track 2.0.. is good and have many utilities for SQL injection but.. no is easy..

 

it's very hard find user and pass of DB SQL...

Posted

If you don't even know about SQL, you shouldn't even bother with injection. You can only inject a code if you know how to make it, don't think copy/paste will always work. You can try to inject in anything that contacts the DB, it doesn't need to be a direct attack. If this server even care about security concerns of their DB, the DB server wouldn't even have an interface open to the internet, it should be in the local network and the other servers (itemd, logd etc) would connect through LAN to it, so it would be impossible to reach it unless there is a website pointing to it, where you would inject the code.

 

Again, if you don't know what you're doing, don't even bother trying. There are many sites explaining how injection works, but you MUST know SQL syntax and how it works, period. Same with XSS injection or any other.

 

Wrong section anyway.

Locked.

Guest
This topic is now closed to further replies.
×
×
  • Create New...