{"id":30050,"date":"2023-01-13T00:47:42","date_gmt":"2023-01-12T19:17:42","guid":{"rendered":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/"},"modified":"2023-01-13T00:47:42","modified_gmt":"2023-01-12T19:17:42","slug":"solved-detecting-vulnerabilities-for-sql-injection-closed","status":"publish","type":"post","link":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/","title":{"rendered":"[Solved] Detecting vulnerabilities for SQL injection [closed]"},"content":{"rendered":"<p> [ad_1]<br \/>\n<\/p>\n<div id=\"answer-14559316\" class=\"answer js-answer accepted-answer js-accepted-answer\" data-answerid=\"14559316\" data-parentid=\"14558635\" data-score=\"1\" data-position-on-page=\"1\" data-highest-scored=\"1\" data-question-has-accepted-highest-score=\"1\" itemprop=\"acceptedAnswer\" itemscope itemtype=\"https:\/\/schema.org\/Answer\">\n<div class=\"post-layout\">\n<div class=\"votecell post-layout--left\"><\/div>\n<div class=\"answercell post-layout--right\">\n<div class=\"s-prose js-post-body\" itemprop=\"text\">\n<p>There are 2 parts you want to consider:<\/p>\n<ol>\n<li>Finding as much information as you can. about the script<\/li>\n<li>Actually exploiting it.<\/li>\n<\/ol>\n<p>Jihnesh was talking about the first part. In the example Jignesh gave, you find out that the script is using MySQL, information about the server \/ files, and that he doesn&#8217;t check the category parameter as an int (because he would do something to treat this situation, instead the query was ran, and the result (expected to be an array) &#8211; is probably empty).<\/p>\n<p>There are many methods for this first part, but I recommend you to check <a rel=\"nofollow noopener\" target=\"_blank\" href=\"http:\/\/sqlmap.org\/\">sqlmap<\/a> &#8211; it&#8217;s a very awesome program I use for checking my websites.<\/p>\n<p>Moving on to the actual &#8220;hacking&#8221; &#8211; the most basic example is the one with the users:<\/p>\n<pre><code>URL: login.php | POST info: user = \"admin' OR 1 -- \"\n$query = \"SELECT * FROM users WHERE user=\"{$_POST[user]}\" AND password = {$_POST[pass]}\";\nSQL: SELECT * FROM users WHERE user=\"admin\" OR 1 -- ' AND password = ''\nResult: Selects all the users in the users table\n<\/code><\/pre>\n<p>You can also check this tutorial <a rel=\"nofollow noopener\" target=\"_blank\" href=\"http:\/\/www.unixwiz.net\/techtips\/sql-injection.html\">http:\/\/www.unixwiz.net\/techtips\/sql-injection.html<\/a><\/p>\n<\/p><\/div>\n<div class=\"mt24\"><\/div>\n<\/div>\n<p>            <span class=\"d-none\" itemprop=\"commentCount\"><\/span> <\/p><\/div>\n<\/div>\n<p>[ad_2]<\/p>\n<p>solved Detecting vulnerabilities for SQL injection [closed] <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[ad_1] There are 2 parts you want to consider: Finding as much information as you can. about the script Actually exploiting it. Jihnesh was talking about the first part. In the example Jignesh gave, you find out that the script is using MySQL, information about the server \/ files, and that he doesn&#8217;t check the &#8230; <a title=\"[Solved] Detecting vulnerabilities for SQL injection [closed]\" class=\"read-more\" href=\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\" aria-label=\"More on [Solved] Detecting vulnerabilities for SQL injection [closed]\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[320],"tags":[339,341,343],"class_list":["post-30050","post","type-post","status-publish","format-standard","hentry","category-solved","tag-php","tag-sql","tag-sql-injection"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>[Solved] Detecting vulnerabilities for SQL injection [closed] - JassWeb<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"[Solved] Detecting vulnerabilities for SQL injection [closed] - JassWeb\" \/>\n<meta property=\"og:description\" content=\"[ad_1] There are 2 parts you want to consider: Finding as much information as you can. about the script Actually exploiting it. Jihnesh was talking about the first part. In the example Jignesh gave, you find out that the script is using MySQL, information about the server \/ files, and that he doesn&#8217;t check the ... Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\" \/>\n<meta property=\"og:site_name\" content=\"JassWeb\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-12T19:17:42+00:00\" \/>\n<meta name=\"author\" content=\"Kirat\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kirat\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\"},\"author\":{\"name\":\"Kirat\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31\"},\"headline\":\"[Solved] Detecting vulnerabilities for SQL injection [closed]\",\"datePublished\":\"2023-01-12T19:17:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\"},\"wordCount\":158,\"publisher\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#organization\"},\"keywords\":[\"php\",\"sql\",\"sql-injection\"],\"articleSection\":[\"Solved\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\",\"url\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\",\"name\":\"[Solved] Detecting vulnerabilities for SQL injection [closed] - JassWeb\",\"isPartOf\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#website\"},\"datePublished\":\"2023-01-12T19:17:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jassweb.com\/solved\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"[Solved] Detecting vulnerabilities for SQL injection [closed]\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jassweb.com\/solved\/#website\",\"url\":\"https:\/\/jassweb.com\/solved\/\",\"name\":\"JassWeb\",\"description\":\"Build High-quality Websites\",\"publisher\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jassweb.com\/solved\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jassweb.com\/solved\/#organization\",\"name\":\"Jass Web\",\"url\":\"https:\/\/jassweb.com\/solved\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png\",\"contentUrl\":\"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png\",\"width\":693,\"height\":132,\"caption\":\"Jass Web\"},\"image\":{\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31\",\"name\":\"Kirat\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jassweb.com\/solved\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1776403586\",\"contentUrl\":\"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1776403586\",\"caption\":\"Kirat\"},\"sameAs\":[\"http:\/\/jassweb.com\"],\"url\":\"https:\/\/jassweb.com\/solved\/author\/jaspritsinghghumangmail-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"[Solved] Detecting vulnerabilities for SQL injection [closed] - JassWeb","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/","og_locale":"en_US","og_type":"article","og_title":"[Solved] Detecting vulnerabilities for SQL injection [closed] - JassWeb","og_description":"[ad_1] There are 2 parts you want to consider: Finding as much information as you can. about the script Actually exploiting it. Jihnesh was talking about the first part. In the example Jignesh gave, you find out that the script is using MySQL, information about the server \/ files, and that he doesn&#8217;t check the ... Read more","og_url":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/","og_site_name":"JassWeb","article_published_time":"2023-01-12T19:17:42+00:00","author":"Kirat","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Kirat","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/#article","isPartOf":{"@id":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/"},"author":{"name":"Kirat","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31"},"headline":"[Solved] Detecting vulnerabilities for SQL injection [closed]","datePublished":"2023-01-12T19:17:42+00:00","mainEntityOfPage":{"@id":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/"},"wordCount":158,"publisher":{"@id":"https:\/\/jassweb.com\/solved\/#organization"},"keywords":["php","sql","sql-injection"],"articleSection":["Solved"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/","url":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/","name":"[Solved] Detecting vulnerabilities for SQL injection [closed] - JassWeb","isPartOf":{"@id":"https:\/\/jassweb.com\/solved\/#website"},"datePublished":"2023-01-12T19:17:42+00:00","breadcrumb":{"@id":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jassweb.com\/solved\/solved-detecting-vulnerabilities-for-sql-injection-closed\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jassweb.com\/solved\/"},{"@type":"ListItem","position":2,"name":"[Solved] Detecting vulnerabilities for SQL injection [closed]"}]},{"@type":"WebSite","@id":"https:\/\/jassweb.com\/solved\/#website","url":"https:\/\/jassweb.com\/solved\/","name":"JassWeb","description":"Build High-quality Websites","publisher":{"@id":"https:\/\/jassweb.com\/solved\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jassweb.com\/solved\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jassweb.com\/solved\/#organization","name":"Jass Web","url":"https:\/\/jassweb.com\/solved\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/","url":"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png","contentUrl":"https:\/\/jassweb.com\/wp-content\/uploads\/2021\/02\/jass-website-logo-1.png","width":693,"height":132,"caption":"Jass Web"},"image":{"@id":"https:\/\/jassweb.com\/solved\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/person\/65c9c7b7958150c0dc8371fa35dd7c31","name":"Kirat","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jassweb.com\/solved\/#\/schema\/person\/image\/","url":"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1776403586","contentUrl":"https:\/\/jassweb.com\/solved\/wp-content\/litespeed\/avatar\/1261af3c9451399fa1336d28b98ea3bb.jpg?ver=1776403586","caption":"Kirat"},"sameAs":["http:\/\/jassweb.com"],"url":"https:\/\/jassweb.com\/solved\/author\/jaspritsinghghumangmail-com\/"}]}},"_links":{"self":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/posts\/30050","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/comments?post=30050"}],"version-history":[{"count":0,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/posts\/30050\/revisions"}],"wp:attachment":[{"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/media?parent=30050"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/categories?post=30050"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jassweb.com\/solved\/wp-json\/wp\/v2\/tags?post=30050"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}