Browsing Category
Database
How to Hack Databases: Hacking MySQL Online Databases with Sqlmap
This guide is for Backtrack…no longer available…use KALI LINUX…works the same. Generally, MySQL is teamed up with PHP and an Apache web server (often referred to as LAMPP or XAMPP) to build dynamic, database driven web sites. Such development packages as Drupal, Joomla, WordPress, Ruby on Rails and others all use MySQL as their default database. Millions of websites have MySQL backends and very often they are “homegrown” websites, without much attention on security.In this tutorial, we will looking to extract information about an online MySQL database before we actually extract information from the database. Once again, I’ll repeat, the …
Continue reading How to Hack Databases: Hacking MySQL Online Databases with Sqlmap
holding image data on mysql
two things are needful fot holding image data on mysql 1/. A BLOB field so that the data is held truly 8 bit clean 2/. A way to inject it without trying to use tools designed for text. I’ve used two methods. Both work. (a) use the ‘load file’ command t tp transfer an image on disk to Msql. It does however need special mysql privileges that are not always available or safe.. 2/. From PHP environment, I turn the image data into an enormous hexadecimal number. MySQL seems able to understand that as niray data OK. ie in PHP …
Generate data
Ever needed custom formatted sample / test data, like, bad? Well, that’s the idea of this script. It’s a free, open source tool written in JavaScript, PHP and MySQL that lets you quickly generate large volumes of custom data in a variety of formats for use in testing software, populating databases, and… so on and so forth. https://www.generatedata.com/#t2
Display mysql table data in a wp page
My aim was to display data from a mysql table onto a wordpress page. I could do it using wpdb class as mentioned in the codex.But i didn’t know the file where i should write this php code that contains wpdb class functions to retrieve data from mysql table. Hence i installed Exec-PHP plugin.(The Exec-PHP plugin executes PHP code in posts, pages and text widgets) Now you are free to write your php code in the page editor and get the retrieved data on your page. Steps to retrive data and display it on a wordpress page: Create a table …
Interact with database in WordPress
Just a collection of useful links, at least to me WordPress database basics and schema, WordPress Codex Documentation on $wpdb, WordPress Codex “Data validation,” WordPress Codex “SQL Injection,” Wikipedia “SQL Injection Attacks by Example,” Steve Friedl ezSQL class documentation, Justin Vincent
Automation Tools for SQL Injection
These tools include HavijAdvanced SQL Injection – https://www.itsecteam.com/products/havij-v116-advanced-sql-injection/index.html#tabset-tab-2 SQLDict – https://ntsecurity.nu/toolbox/sqldict/ SQLSmack – https://www.securiteam.com/tools/5GP081P75C.html SQLPing 2 – https://www.sqlsecurity.com/downloads/sqlping2.zip?attredirects=0&d=1 SQLMap – https://sqlmap.org/
