SQL Injection: Help me find a site to hack

Discuss the many weaknesses of browser security and ways to mitigate the threat

SQL Injection: Help me find a site to hack

Post by L3g3nd4ry on Sat Aug 06, 2011 6:58 pm
([msg=60636]see SQL Injection: Help me find a site to hack[/msg])

I have recently being learning SQL Injection, but can't find any sites that don't have protection against SQLIn. Does anybody know of any sites with SQL Injection vulnerabilities, a method of finding vulnerable sites, or a site with a "sanbox", where you can mess around and test things out? Yes I know, SQL Injection.... I'm a n00b... But hey, you gotta start somewhere... Thanks for any answers.
L3g3nd4ry
New User
New User
 
Posts: 1
Joined: Sat Aug 06, 2011 6:37 pm
Blog: View Blog (0)


Re: SQL Injection: Help me find a site to hack

Post by mShred on Sat Aug 06, 2011 7:04 pm
([msg=60637]see Re: SQL Injection: Help me find a site to hack[/msg])

L3g3nd4ry wrote:I have recently being learning SQL Injection, but can't find any sites that don't have protection against SQLIn. Does anybody know of any sites with SQL Injection vulnerabilities, a method of finding vulnerable sites, or a site with a "sanbox", where you can mess around and test things out? Yes I know, SQL Injection.... I'm a n00b... But hey, you gotta start somewhere... Thanks for any answers.

You can always set up your own vulnerable server and test that. You can always use Google hacks to find sites that have similar parameters as many vulnerable sites. But don't go being a skiddie.
Image

For those about to rock.
User avatar
mShred
Administrator
Administrator
 
Posts: 1680
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)


Re: SQL Injection: Help me find a site to hack

Post by LoGiCaL__ on Sat Aug 06, 2011 9:12 pm
([msg=60641]see Re: SQL Injection: Help me find a site to hack[/msg])

Why not try some of the missions right here on HTS? Some include sql injections.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1060
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)


Re: SQL Injection: Help me find a site to hack

Post by Warfreak2 on Tue Aug 16, 2011 5:46 pm
([msg=60928]see Re: SQL Injection: Help me find a site to hack[/msg])

If you don't have any nails, put down the hammer. Don't go around hitting other people just for the fun of it.

That said, if you do find an SQL injection vulnerability in a website, you should contact the administrator so they can fix it, before you go around telling people about it.
Image
User avatar
Warfreak2
New User
New User
 
Posts: 2
Joined: Fri Aug 12, 2011 9:52 am
Location: UK
Blog: View Blog (0)


Re: SQL Injection: Help me find a site to hack

Post by tremor77 on Wed Aug 17, 2011 7:54 am
([msg=60939]see Re: SQL Injection: Help me find a site to hack[/msg])

Warfreak2 wrote:If you don't have any nails, put down the hammer. Don't go around hitting other people just for the fun of it.

That said, if you do find an SQL injection vulnerability in a website, you should contact the administrator so they can fix it, before you go around telling people about it.


Well put. And I might add instead of just learning SQL Injection go about entirely learning SQL. One of the best ways to learn about how to hack code is to write the code and be as thorough as possible in developing it to prevent attacks. Then go about testing your work. I would challenge you to write a mini CMS in PHP that has user logins with access to a textarea web editor that edits and saves dynamically generated pages into your database.. make it hacker proof while keeping it functional and user friendly. Learning to 'prevent' SQL injection in your code is the best way to learn SQL injection.
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 862
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests