Comments on: SQL Injection Toy http://hackademix.net/2007/08/23/sql-injection-toy/ Giorgio Maone's answers to the Web, the Universe, and Everything Fri, 19 Mar 2010 20:58:55 +0000 http://wordpress.org/?v=2.2.3 By: steeL http://hackademix.net/2007/08/23/sql-injection-toy/#comment-276 steeL Thu, 30 Aug 2007 01:19:56 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-276 I hv posted Complete XSS, SQL Injection technique on my site http://steeLit.funpic.de My site is not for hacking, i just education ppl how hacking happens & how to defend. :D I hv posted Complete XSS, SQL Injection technique on my site http://steeLit.funpic.de

My site is not for hacking, i just education ppl how hacking happens & how to defend. :D

]]> By: raaka http://hackademix.net/2007/08/23/sql-injection-toy/#comment-261 raaka Mon, 27 Aug 2007 00:06:57 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-261 simple yet ko0l well i have death threat for u bro.. post more simple yet ko0l
well i have death threat for u bro.. post more

]]> By: BlogCadre http://hackademix.net/2007/08/23/sql-injection-toy/#comment-239 BlogCadre Fri, 24 Aug 2007 15:15:45 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-239 <strong>SQL Injection tool</strong> The boys over at haxademix.net never cease to amaze me, this time rolling out a web based and virtually anonymous SQL injection tool (it's FREE to). http://evil.hackademix.net/sqlit/ ** For those of you who do not know what an SQL injection is... ... SQL Injection tool

The boys over at haxademix.net never cease to amaze me, this time rolling out a web based and virtually anonymous SQL injection tool (it’s FREE to).
http://evil.hackademix.net/sqlit/
** For those of you who do not know what an SQL injection is…

]]> By: Giorgio http://hackademix.net/2007/08/23/sql-injection-toy/#comment-237 Giorgio Fri, 24 Aug 2007 05:14:16 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-237 @<b>sirdarkcat</b>: aarrgh, the dangers of innerHTML... @<b>Davide</b>: it's all there (<em>View|Source</em>), no server side stuff involved :P @sirdarkcat:
aarrgh, the dangers of innerHTML…

@Davide:
it’s all there (View|Source), no server side stuff involved :P

]]> By: Davide http://hackademix.net/2007/08/23/sql-injection-toy/#comment-236 Davide Fri, 24 Aug 2007 03:45:29 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-236 source code? source code?

]]> By: sirdarckcat http://hackademix.net/2007/08/23/sql-injection-toy/#comment-235 sirdarckcat Fri, 24 Aug 2007 01:47:00 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-235 Cool! The support for several database types is great :P I have 1 <a href="http://evil.hackademix.net/sqlit/#url=http%253A%252F%252Fnoscript.net%252Fshowuser.asp%253Fid%253D-1;paramName=;sql=%253Ciframe%2520src%253D%2522javascript%253Aalert(/XSS/%2Bdocument.cookie)%253B%252F%252F%2540paramName%2522%253E;dbtype=MS_SQL_Server" rel="nofollow">bug</a> report. Any way, it would be cooler if it could generate POST petitions, and a favlet for generating a COOKIE with the exploit :P, something like javascript:void(document.cookie="var=val1"); Cool!
The support for several database types is great :P

I have 1 bug report.

Any way, it would be cooler if it could generate POST petitions, and a favlet for generating a COOKIE with the exploit :P, something like javascript:void(document.cookie=”var=val1″);

]]> By: scratchz http://hackademix.net/2007/08/23/sql-injection-toy/#comment-234 scratchz Fri, 24 Aug 2007 00:41:46 +0000 http://hackademix.net/2007/08/23/sql-injection-toy/#comment-234 hmmm,,, SQLIT hmmm,,, SQLIT

]]>