
: ☣ 2016 ☣

  1. #1
    Kali Linux
    GNOME

    Apr 2012
    67
    29
    37 11

    ☣ 2016 ☣







    283 .

    .











    :
    :
    :
    : MySQL





    SQL Injection

    SQL Injection



    .
    .
    : .
    .
    :
    .
    (1) .
    (2) : dorks .
    (3) .
    (4) .
    (5)
    (6) ' .
    (7) .
    (8) Logical Operator .
    (9) Logical Expression .
    (10) .
    .
    .
    : (Firewall )
    .
    :
    .
    (1) ( Firewall )
    (2) ( )
    (3)
    (4)
    (5)
    (6)
    .
    .
    :
    .
    :
    .
    (1) : comma
    (2) :
    (3) : Error Based
    (4) :
    .
    .
    : .
    .
    :
    .
    (1) : .
    (2) : .
    (3) : .
    (4) : .
    (5) : .
    (6) : .
    (7) : .
    .
    .
    : .
    .
    :
    .

    : source code .
    : null .
    : version() .
    : routed query ( ) .
    : False Statement .
    : .
    : .
    .
    .
    : .
    .
    :
    .
    1 - : .
    .
    : Concat_ws .
    : Group_Concat .
    : select statement .
    .
    2 - : .
    .
    : -DUMP DB in [one] Request - Improve -2 .
    : MID_SEPARATOR .
    : show the table with all her columns -1 .
    : show the table with all her columns -2 .
    : .
    : .
    : GHI Requested .
    .
    3 - : Error Based .
    .
    : -Error Based Method -1 .
    : -Error Based Method -2 .
    : -Error Based Method -3 .
    : -Error Based Method -4 .
    : -Error Based Method -5 .
    : -Error Based Method -6 .
    : -Error Based Method -7 .
    : -Error Based Method -8 .
    :- Non-Geometric Error Based .
    :- Name_Const .
    :- Xpath .
    :- DOUBLE Query .
    :-Error Based Guessing .
    .
    .
    : .
    .
    :
    .
    .
    .
    .
    .
    .
    .
    .
    .
    .
    : .
    .
    :
    .
    .
    .
    : Attack By Ip scenario .
    : New Variable Method .
    : double Estatement scenario .
    : Columns separator Style .
    : Log Evasion using SQL Injection .
    : join Syntax .
    .
    .
    : [Common Error] .
    .
    :
    .
    Fatal Error Occurred .
    Fatal error: Allowed memory size of 536870912 bytes exhausted .
    1267 .
    Bad Request .
    Column only accepts numbers .
    count() .
    illegal mix of collations .
    Incorrect usage of UNION and ORDER BY .
    Subquery returns more than 1 row .
    The used SELECT statements have a different number of columns .
    [ ] .
    .
    Image is incompatible with int .
    asp .
    Cannot resolve collation conflict for column 2 in SELECT statement .
    Injecting into an ORDER BY clause .
    .
    .
    : .
    .
    :
    .
    [ ] .
    [ ] .
    .
    : owasp-zap
    [ ] .
    : SQLMAP
    : jsql
    .
    .
    : .
    .
    :
    .
    [ post Injection ] .
    [ Cookie based SQL Injection ] .
    .
    .
    : [ ]
    .

    .
    .
    .
    .
    .
    .
    .
    .
    ◘╚╦☆ ☆╚╦◘
    .
    Authentication Bypass Vulnerability .
    aspx .
    Wordpress Injection .
    :
    .
    .




    : SQL Injection BlaCk Rose .



         . 

    ; 29-10-2015 11:01 PM


  2. #2
      mamii
    Fedora 25
    MATE

    Apr 2009
    390
    1,474
    305 154
    1


  3. mamii :


  4. #3
    .: :.
    35
    GNOME

    Apr 2008
    6,818
    6,714
    14,138 4,134
    8





    ..
    ( )
    188
    :
    { }
    { ѡ }




  5. 3 :

    , , java

  6. #4

    Oct 2008
    324
    902
    340 153

    .

    ( )


  7. :


  8. #5
    Kali Linux
    GNOME

    Apr 2012
    67
    29
    37 11

    .

    -BlackRose- - . .facebook

  9. :


  10. #6
      Adnane-GX
    Arch
    Cinnamon

    May 2016
    15
    30
    6 6

    .

  11. #7
      xxn00nexx
    Debian 7
    Openbox

    Sep 2016
    5
    1
    0 0

