phpID Lab

Description
[toggle_content title="Transcript"] Hi, Leo Dregier here. I want to talk to you about how to find generic vulnerable SQL injection websites, which is basically the precursor to the next program that we realistically are going to discuss: sqlmap. So one of the easiest things to do, and pretty much everybody is finding vulnerable SQL injection sites, is realistically to go over to Google and search for php?id= or id=1; either way is probably the most popular way to start finding SQL injection sites. So it doesn't matter if you want to start at one or just php?id=, so we are just going to do id?= and we will start seeing that there are only two billion resources or links that most people could potentially start exploiting.

Now I want to kind of zoom out here and talk about the principles of information security: confidentiality, integrity and availability. Now, from a confidentiality point of view, these companies and websites or search results are basically disclosing certain information that is publicly available. Since they are disclosing it not only with us but everybody else in the world, we can use the disclosure to us to kind of hear into their world a little bit more. But I would not consider us hacking them until we start changing the integrity of the destination website. And if you search for YouTube videos on the similar subject, some people take the example a little too far: they start poking and prodding and running sqlmap commands, queries and scripts against targets, and I personally think that is a little too aggressive because as a white hat you don't have authorization to do that. As a grey hat, no harm, no foul, but as a black hat you really have to question how far realistically you are going.

Now for someone like myself, I get poked and prodded all the time in terms of the websites and the resources that I have, so I kind of expect it. But you know the mom-and-pop shops, the small fries who are not familiar with information security, they are basically helpless here, and you don't want to destroy their websites, change the integrity of their systems, knock them offline or use the disclosure to their advantage. So there is a way to operate ethically here, legally, but the minute you start changing the integrity of your destination systems you really have to wonder if you are operating legally versus illegally. So clearly I am not going to be advocating anything illegal here, and I need to do these videos in a way that I am not doing anything illegal, because the only thing I know about prison is I am too good looking to go. So nobody is going to jail here.

So what I have done here is shown you how to start finding vulnerable SQL injection sites. Now any of these php ids, these are all of the things that I am looking for. Now let us say that I was hired as a penetration tester to do some evaluations inside of a company. I could start combining this with inurl:LinuxWarrior.com and search for that specifically to see if a particular website is also vulnerable or if I can actually pull that from a particular video. So you can combine the Google search results to get a little bit more creative here, but that is no more difficult than just Google hacking 101. So it is this syntax specifically that I am using here that I would use in my sqlmap statements, which I will start in the next video. So that is it; basically that is generically how you find a vulnerable SQL injection site. [/toggle_content]

Our next lab in the SQL Injection series is the phpID lab. The phpID lab demonstrates and discusses how to find generic SQL injection sites. It also teaches you the queries to quickly find them. The phpID lab is the precursor to the sqlmap tool, which follows this lab in our Penetration Testing and Ethical Hacking series.