Question About Server Database

[Atomlux]

hi i got IP for the DB on the server i play on, and i wanted to know if theres like some kind of ms sql exploit thing i can throw at it to get in xd

[Mr.Shadly]

Propably u've got ip to the server, and eh, if u won't steal db or if u're not a good hacker... There is no any simple way.

[caesar4l2]

Mysql Injection, its not that simple :P

[knoxville]

hi i got IP for the DB on the server i play on, and i wanted to know if theres like some kind of ms sql exploit thing i can throw at it to get in xd

 

 

Check the Back Track 2.0.. is good and have many utilities for SQL injection but.. no is easy..

 

it's very hard find user and pass of DB SQL...

[Hax0r]

check www.metasploit.com

[RicSic]

You dont need the IP to the DB for SQL injection.

 

You could inject it thru any PHP/ASP form from their page.

[bonesaw]

If you don't even know about SQL, you shouldn't even bother with injection. You can only inject a code if you know how to make it, don't think copy/paste will always work. You can try to inject in anything that contacts the DB, it doesn't need to be a direct attack. If this server even care about security concerns of their DB, the DB server wouldn't even have an interface open to the internet, it should be in the local network and the other servers (itemd, logd etc) would connect through LAN to it, so it would be impossible to reach it unless there is a website pointing to it, where you would inject the code.

 

Again, if you don't know what you're doing, don't even bother trying. There are many sites explaining how injection works, but you MUST know SQL syntax and how it works, period. Same with XSS injection or any other.

 

Wrong section anyway.

Locked.