FRIHOSTFORUMSFAQTOSBLOGSDIRECTORY
You are invited to Log in or Register a Frihost Account!

how to use sql injection to retrive a column name ?

   Frihost Forum Index -> Scripting -> Php and MySQL
 


phicha
my site was just injected by someone,
and he/she told me that he/she have already my all structure databases -__-"

somehow i think and search at google, but i dont found about these thing.
what way had he/she use to retreive/read all my databases structure ?

thanks.
Traveller
phicha wrote:
my site was just injected by someone,
and he/she told me that he/she have already my all structure databases -__-"

somehow i think and search at google, but i dont found about these thing.
what way had he/she use to retreive/read all my databases structure ?

thanks.
The structure of the database is stored in tables, just as your regular information is. I'm not familiar with the techniques or limitations of SQL injection (and discussing the techniques would not be something for this forum, anyway) but, if it is possible to obtain sufficient access clearance, then it would be possible to submit a query that would list the database structures, etc.
phicha
is there other forum for discuss the mysql injection topic ? Very Happy
anyway thanks for the info.. *so it;s possible and true that he/she retrive my databases already.. T_T *

i kinda how know, it;s still safety for me....., after my site has hijacked.. >_<
Traveller
phicha wrote:
is there other forum for discuss the mysql injection topic ? Very Happy

Sure, but not on FriHost, since our TOS, etc. prohibit discussions of how to perform hacking, and SQL injection is a form of hacking. Thus, as mentioned, the general discussion of the topic (especially how to prevent it) is permissible, as long as it doesn't present techniques for accomplishing any hacking.
phicha
thanks for the info,
i should remembered it.
Stubru Freak
The knowledge about MySQL injection is in public domain anyway, so I think a brief description wouldn't be harmful (if it is, please remove this). In contrary, a good understanding can prevent you from being the victim yourself.

It's very simple.
Take this php code:
Code:
mysql_query("SELECT * FROM `users` WHERE `username` = '$username' AND `password` = '$password'");


This seems no problem at first, as it would result in a query similar to this one:
Code:
SELECT * FROM `users` WHERE `username` = 'john' AND `password` = 'abc123'


But, if a user enters this as his password:
Code:
abc123'; UPDATE `sometable` SET `somefield` = 'somethingelse

It would result in:
Code:
SELECT * FROM `users` WHERE `username` = 'john' AND `password` = 'abc123'; UPDATE `sometable` SET `somefield` = 'somethingelse'

On some versions of SQL this will give an error, but on others, it can change arbitrary information.

Anyway, even on versions this won't work, there are still more complicated techniques using JOIN, which I won't describe here, although you can fairly easily look it up in the MySQL Manual.
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2007 Frihost, forums powered by phpBB.