Just curious how good the team is with SQL injection attacks? I know moderately big server that's hosting a compromised web application. Only been able to dump the database, but haven't fully rooted it yet. Curious if you buy leaks from people, or if you actually root the server and take it.

good stuff

I am not very sure.

On 12/23/2016 at 4:25 PM, Jack said:

Just curious how good the team is with SQL injection attacks? I know moderately big server that's hosting a compromised web application. Only been able to dump the database, but haven't fully rooted it yet. Curious if you buy leaks from people, or if you actually root the server and take it.

Well, people start caring only when they see a problem. I would definitely hire someone to do that yea

sounds dumb.

This sounds something that you should discuss with AWU.

WHy can't you fully root it yet what kind of code are you trying to inject??? The main prupose of SQL injection attacks is to just get a db dump and gtfo out lol. 

good

gddd

SQL injection is a way of using Forms or what ever in HTML/PHP to execute SQL. So you would do like in a password feild

);// to kill the last paswordstatement

 

password,null); CREATE_NEW_TABLE(THIS,THAT, THEOTHER);

 

Like ending the SQL Statement within the statement and adding another line to the code that shouldnt be there.

It's easy... use Metasploid and Kali Linux, it'l pretty much do it for u.

release the name of the site. kappa.

 

hmm i know some sql

I also know some sql

i'm prettyyy good but this is old so idk .

SQL injections is simple to do, if you're tech savvy mostly anything can be easily be done the internet world is yours.