InvisionFree
Hey,
This question isn't so much about hacking as much as an exploit. Most of you with sites use your MySQL database to grab news posts or whatever to put on your index etc… Or use it so people can log in to the main site using the user name and passwords from the forum tables.
I'm wanting to know if it's possible to do this with Invisionfree and if anyone knows what their table system is like?
Regards
Andeh
No, not injection.
I'm asking if anyone knows how the databases are laid out so I can then (in a .php);
require 'config.php'; $result = mysql_query("SELECT * FROM invisionusers WHERE username='$username';" );
So I can then use the information for a log in box using the usernames and passwords from the forum database.
Yeah?
Ah-haha…lol, i thought something else … Ok, You first need to Make config.php(or w/e) which connects to the database, given username/password/host…
http://www.w3schools.com/php/php_mysql_connect.asp example:
<?php $con = mysql_connect("localhost","uname","pword"); if (!$con) { die('Could not connect: ' . mysql_error()); }
// some code here
?>
And then Creating Databases, tables first… …
Andeh wrote: Thanks for your reply, but again, I was just asking if anyone knows any of the table exploits for invisionfree forums =p so you did want an injection :right:
iv looked already a week or two ago i think. there wasnt anything on security focus or bugtraq and i couldnt get it to do anything