Someone's attempt to sql inject my site - not!!! Hahahaha

[r0mm3L]

---

[+] URL: fanonychan - For Sale: PSP (Playstation Portable) [+] 09:11:24 [+] Evasion: + -- [+] Cookie: None [+] SSL: No [+] Agent: Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1) [-] Proxy Not Given [!] Blind Methodology will be used! [+] Blind String Selected is Good [+] Preforming Quick MySQL Version Check... [+] MySQL >= v3.0.0 found! [+] Do we have Access to MySQL Database: YES [!] Retrieve Info: --dump -D mysql -T user -C user,password [+] Showing database version, username@location, and database name!

[dodie]

and..... what's your point?

[Tsubaki]

we had a lesson about on preventing this. using parameters man tingale to. XD kalimot na ko... hahaha last sem pa! oh no.. gold fish memory.

pero sakto jd na magtake ug security measures kay daghan man diay buang sa net -- mangguba ug site.

[KungfuPanda]

pina may raman na si dodie pero wa gud na alam injecti ang website ana aron mo hilak na

[onenet.cebu]

And that is why you should backup your database once in a while.
Proven Tips To Generate Traffic To Your Blog

[dodie]

pina may raman na si dodie pero wa gud na alam injecti ang website ana aron mo hilak na

I know there are geniuses out there (including you perhaps).

I didn't say bad or whatsoever. I just reported what happened.
If you can do it, I congratulate you

[ace_maranga]

spam comments rana brad oi.

or naa kay any form nga maka insert ug data sa imo mysql, ang mga BOTS kay mo gamit ug PHP cURL para mo post ug data sa imo mysql through your form.

[dodie]

spam comments rana brad oi.

or naa kay any form nga maka insert ug data sa imo mysql, ang mga BOTS kay mo gamit ug PHP cURL para mo post ug data sa imo mysql through your form.

I don't mind if they do spamming on my site. As long as the mysql queries are prevented to perform.

Enforced them into string as ordinary text and store them somewhere , display it as ordinary message or filter it as you like.

Enforced them into numerical if your field is numerical. Filter out any unwanted characters

[neugent]

ey dodz! some friends are willing to give it a try even beyond your requested injections...
so if ever something might go wrong, legit ang request ha..u posted it here bya hehehehe..
lingaw man sab mag study ug security measures...

goodluck dodie and keep it up

[dodie]

ey dodz! some friends are willing to give it a try even beyond your requested injections...
so if ever something might go wrong, legit ang request ha..u posted it here bya hehehehe..
lingaw man sab mag study ug security measures...

goodluck dodie and keep it up

Please do! If something goes wrong with my injection prevention. Report it here.
If it is successful, I'd be happy to share to you the "procedures"

This is a new learning!