Description: SQL injection is a technique in which an attacker exploits a security vulnerability occurring in the database layer of an application. This vulnerability is present when the user input is not filtered properly. In this video Nox and Patchy from Infinity Exists use an SQL (Structured Query Language) injection vulnerability to extract password hashes from the websites database.The vulnerability is present in WP-Forums. They first check for the vulnerability using universal truths like 1=1 etc . Using False statements like 1=0 with the AND operator produces sql errors which give away the SQL statement used in the website. They then find the no of columns in the database using the ORDER BY statement . Any ORDER BY X statement (where x is an integer ) where x is greater than the no of columns will produce an error message.We can then find the column to which the data is output to using select by statement using different integers for different columns . Since wp forums is open source we can find the name of the table and the corresponding column that contains the passwords hashes.. We can modify the sql query to output the password hashes to the column to which the data is output to from the table that contains the password hashes.The administrator password is generally the first password so we can get the password which has the first id ( or id=1) then use a . we can then use a dictionary attack on the MD5 hash thus obtained to crack the administrator password using Cain and Abel.<br><br>A high resolution version of this video is available for download here.<br><br><br></div>
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.