SQL:vulnerabilities

Greetz.

Ive read lots of material on SQL injection and done a few practical tests before, and in my view the hardest part is not the actual injection of data, but FINDING the vulnerable applications that I particularly need to exploit.

I mean, its NO use to me to get the admin password - this is not my goal - I only need the e-mails in the database. NO passwords/hashes/CC info etc.

I need some advice here, is SQL injection techniques the thing for me - for what I need? Furthermore.. I need to know various ways to FIND the vulnerable apps.

Thanks in advance.

R26 wrote: I only need the e-mails in the database[/u]. NO passwords/hashes/CC info etc. Then you definately need to use SQL injections, in case you can't download a copy of the whole database (or a backup).

I need to know various ways to FIND the vulnerable apps Well the best way is simply to input invalid data and see if you get any error messages - if you do then you know you're on the right way.

I also recommend you to read some more articles on SQL injection and try to get a grip of the whole concept. If you want you can setup a server on your own machine and practice attacks against it.

Thanks for your reply.

One more thing.. if lets assume I test some targets and fail to respond positively to injection queries, does it mean that they are 100% secure from an SQL -injection vulnerability- point of view?

I mean.. I tried over 100s sites and nothing.. You understand I DONT NEED just ANY DB of emails.. Id go to mailw0rm if I did. Does this mean all(I need n tried) are patched up?

I don't want to become an ace in SQL injection tec. BUT still not be able to get the data/info I really need just because I was using the wrong methods.

I hope you understand correctly. Further tips appreciated.

R26 wrote: if lets assume I test some targets and fail to respond positively to injection queries, does it mean that they are 100% secure from an SQL -injection vulnerability- point of view? Probably, but there are cases where you can inject SQL commands without getting some form of output confirmation.

Just a tip: Don't use SQL injections on random sites, it might piss the admins off ;)

As Ive already mentioned, Im not interested in ANY SQL injectable or vulnerable ws.app - so I wont piss off random admins.

Thanks for the tip anyway.

R26: Be very wary of what you are attempting here. It seems to me you are looking for ways to grab a listing of emails from a site to get them into a mailing list of sorts. I stress the "be careful" part because this is not only illegal hacking you are getting onto but possibly illegal spamming. If you see what I am getting at GOOD…if not, you are gonna hit two birds with one stone and people will get VERY pissed off once you are caught. Note I said WHEN…

Anyways, Hope you get what you need where you need it without getting jailed.:evil:

AldarHawk: Just because it says "Newbie" under my pseudo.. it doesnt necessarily mean that my neuronal cells are couch potatoes..

Eh.. it seems all I get are warnings, thanks I preffer to view them with a constructive eye, not as flames of some sort - even if I might be wrong.

So, if anyone got something to add to this - related to SQL vulns - please do share.

Ciao