After a scan with Acunetix I found a vulnerability "Blind SQL Injection".
Now what should I do?
Forum Thread: Blind SQL Injection
- Hot
- Active
-
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
1 mo ago -
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
1 mo ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
2 mo ago -
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
3 mo ago -
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
4 mo ago -
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
5 mo ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
5 mo ago -
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
6 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
6 mo ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
7 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
9 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
9 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
9 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
9 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
9 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
9 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
10 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
10 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
11 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
11 mo ago
-
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
The Top 80+ Websites Available in the Tor Network
-
How To:
Break into Router Gateways with Patator
-
How To:
Catch an Internet Catfish with Grabify Tracking Links
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Make Your Own Bad USB
-
Become an Elite Hacker Part 4:
Hacking a Website. [Part 1]
-
How To:
Extract Bitcoin Wallet Addresses & Balances from Websites with SpiderFoot CLI
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Use the Chrome Browser Secure Shell App to SSH into Remote Devices
-
How To:
Use MinGW to Compile Windows Exploits on Kali Linux
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Use MDK3 for Advanced Wi-Fi Jamming
-
How To:
Create Rainbow Tables for Hashing Algorithms Like MD5, SHA1 & NTLM
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Easily Detect CVEs with Nmap Scripts
-
How To:
Use Metasploit's Database to Stay Organized & Store Information While Hacking
-
News:
Printable Guy Fawkes Mask
6 Responses
That depends what choice you wanna go? manually or using a tool.
First of all, you should make sure that your recon tool did not accidentally generate a false positive, as many do just by nature. Browse the server until you find a url ending in something like "id=12357". To see if it is vulnerable, type in an apostrophe (This thing: ') right after the number. If the page shows an error, or perhaps some elements of the page go missing, it is a vulnerable page!
Site admin OTW actually wrote a tutorial on using a tool in Kali Linux called "sqlmap" to uncover database files. You can find that here.
Null Byte has lots of articles about SQL injection, take a look: https://null-byte.wonderhowto.com/search/sql/
Cheers
Washu
If you have permission to test...sqlmap can do alot of things. But I would advise you to understand what sql injection actually does, and how. Many things can result from sql injection like shell access.
Thank you all.It states that the site is a friend of mine and I am one staffer.
We are just checking the security of our site. I already tried on sqlMap to enumerate the database with the string saddle scan:
/search.php?sd=d&searchid=unanswered&sk=t&sr=topics&st=-1%27%20or%2085%20%3d%20%2783
but no results, other suggestions?
Sorry for my English, I use a translator.
bueno espero hablas espanol, y ya que tienes esa peticion echa desde burp puedes guardar el resultado en un archivo txt y probar con sqlmap -r, ya si no te sale te puedo ayudar si gustas
Share Your Thoughts