SQL Injection Techniques

http://m14hackersworld.blogspot.com

SQL Injection Techniques
Modifying POST Parameters
Hello, Friends, So till now, We have somewhat understanding of how and where to inject at the very basics. But Life is not so easy, as its a never ending war between developers and breakers.

Lets see another way to inject.

If you flashback to this blog, I have discussed about the 3-tier logic, and how a request is processed.

Lets say, I have a Login Form in front of me, now I start fuzzing, I try with garbage values, but surprisingly, I do get a same error as "Incorrect Credentials". Though this scenario, is not found in all the cases, but yes you would run into such situations sometimes.

What I do now is check the "View Page Source" (Ctrl+u) and look for the login form code, and If I find something like this:

<form method="POST">
//Code here
<input type="submit" value="Login" onClick = "someJavaScriptFunction(value1, value2)" />
</form>

Then You should understand that Whatever value is being inserted, its getting filtered by the Javascript Code, and hence our input values never reaches the second Layer like the PHP source or ASP etc...

This type of filtration is known as Client Side Filtration.

And the Flow is like this:

Login Form >> (Javascript) >> (PHP/ASP) >> SQL Database

Now If we can change our values when its between Javascript Filter and PHP/ASP, our Job is done.

For this we need a FireFox Addon (Tamper Data) install it.

How To work with it.. After installing Tamper Data, on the browser, click on:

Tools >> Tamper Data >> Start Tamper

Now on the login form, type any value:

Username: admin; Password:idontknow; and then click on Login

Once you do that, You would get option to tamper, click on Tamper, you would see the form data that you typed on the right handside of the Tamper-Data Window..

This is where, you need to change the values again, like using ' or " or \, the way discussed before and keep going until you get what you were looking for.

I know this is little pain, but hey thats how you deal with it.
   
Stay Tuned For more.
Previous
Next Post »