http://cafe.naver.com/hackersmaster/351 Target DB server: SQL SERVER (MSSQL) ######## Finding injectable files ######## http://xxx/tmp/mypc.asp?id=1110. Injection string types str 1) ' or''=' 2) ' or 1=1-- 3) ' or 'a'='a-- 4) 'or'='or' 5) " or 1=1-- 6) " or "a"="a 7) ') or ('a'='a 8) ") or ("a"="a 9) ' and [??] and ''=' 10) ' and [??] and '..
Copied from ireoa's blog. 1) Case variation union select password from member where id='ireoa'-- UnION seLEct password ForM member WhErE id='ireoa'-- 2) Whitespace bypass /**/ %0a %09 () 3) URL Encoding 3) Bypassing = union select password from member where username = 'ireoa'-- union select password from member where username like 'ireoa'-- 4) URL Encoding '%2f%2a*/union%2f%2a*/select%2f%2a*/password%2f%2a*/form%2f%2a*/member%..
Source: http://blog.epzsecurity.com/2012/08/mysql-injection-cheet-sheet-including.html MySQL Injection Cheat Sheet Comments: Comments are very useful and can sometimes even help bypass certain WAF procedures. These comments are the ones that I have picked up over the last few years: -- (Simple Comment) --+- (String Based Comment) /* (Multiple Line Comment) # (Single Line Comment) /*!*/ (Bypasses certain ..
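This post is scrapped material from a post by author Khuti (http://khuti.tistory.com/6). I intend to compile a comprehensive summary of SQL injection bypass patterns and keep it updated. What follows is the result of my own research, study, trial and error, and grunt work. There are many more bypass patterns, but.. only some are briefly summarized here.. First, bypass patterns can be broadly divided into three categories. - 1) Bypass patterns that exploit network characteristics - 2) Bypass patterns that exploit characteristics of SQL - 3) Bypass patterns caused by faulty filtering in the application If you think that in this day and age SQL injection is naturally blocked by default... No!! Even as times change and security issues multiply!!! People's habits do not change much!! Thinking it is someone else's problem ..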
Source: http://k3170makan.blogspot.kr/2012/01/injecting-insert-statements-mysql-error.html Exploring my options One night while banging injection payloads into a random page I suddenly found myself in an insert statement! This is when I got the idea to use insert statements for MySQL error based injection vectors. Some people might be wondering why on earth one would want to inject an insert?..
WEAKERTHAN - http://weaknetlabs.com/ BackTrack - http://www.backtrack-linux.org/ NETSECLOS - http://netsecl.com/download Wifiway - http://www.wifislax.com/ PHLAK - http://sourceforge.net/projects/phlakproject/ slitaz - http://www.slitaz.org/ NodeZero - http://netinfinity.org/ REMnux - http://sourceforge.net/projects/remnux/ Security Onion - http://securityonion.blogspot.com/ OWASP livecd - http:..
Source: http://www.webhackingexposed.com/tools.html Free Web Security Scanning Tools Nikto N-Stalker NStealth Free Edition Burp Suite Paros Proxy OWASP Webscarab SQL Injection SQL Power Injector by Francois Larouche Bobcat (based on "Data Thief" by Application Security, Inc.). Absinthe - free blind SQL injection tool SQLInjector by David Litchfield NGS Software database tools Cross-Site Scripting (X..
Methods of Quick Exploitation of Blind SQL Injection # Title: Methods of quick exploitation of blind SQL Injection # Date: January 25th, 2010 # Author: Dmitry Evteev (Positive Technologies Research Lab) # Contacts: http://devteev.blogspot.com/ (Russian); http://www.ptsecurity.com/ In this paper, the quickest methods of Blind SQL Injection (error-based) exploitation are collected and considered b..