Need help learning SQL attacks

I really want to learn more about SQL Dumping, SQL Injecting, etc. However tutorials do not explain essential concepts that seem to be constantly prevalent. For instance, Dorks. I actually fail to understand what these are and how to obtain/filter them. If someone could link me to a real tutorial from an attackers AND hosts standpoint I would appreciate it. SQL Always intrigued me.

i can teach you all this buddy feel free to contact me and take a look to my thread

I realize this thread Is over 2 weeks old, but I've completely missed It.

First and foremost, do you have knowledge of the SQL language?

(08-17-2018, 05:15 AM)mothered Wrote:

[To see links please register here]

I realize this thread Is over 2 weeks old, but I've completely missed It.

First and foremost, do you have knowledge of the SQL language?

Kind of sort of. I know about the methods it utilizes.

(08-17-2018, 05:53 AM)M00N66 Wrote:

[To see links please register here]

(08-17-2018, 05:15 AM)mothered Wrote:

[To see links please register here]

I realize this thread Is over 2 weeks old, but I've completely missed It.

First and foremost, do you have knowledge of the SQL language?

Kind of sort of. I know about the methods it utilizes.

I suggest to at least learn the basics of SQL- how to select, query and manipulate databases. This will significantly help to understand how and why SQLi attacks (In-Band, Union-Based, Boolean-Based, Inferential/Blind) work.

As a starting point, no need to go through each function, clause, constraint, operator and so forth. As you advance, SQL proficiency Is paramount.

Learn SQL and PHP for understanding what you do...
otherwise do it like 99% of the Internet and use 1337 Haxxor Tool SQLi Dumper and be part of the script kiddy community

(08-17-2018, 07:21 AM)tschaikowsky Wrote:

[To see links please register here]

Learn SQL and PHP for understanding what you do...
otherwise do it like 99% of the Internet and use 1337 Haxxor Tool SQLi Dumper and be part of the script kiddy community

SQL Tools suck, just like 75% of already patched GUI checkers, Bruters, etc. Lmao.

(08-17-2018, 07:30 PM)M00N66 Wrote:

[To see links please register here]

SQL Tools suck

They certainly do.

Once you've attained the above-mentioned knowledge, you won't need the tools. I perform everything manually, which Is far better than wasting time with a given tool for hours on end.

If you have never Exploited/Injected manually by Hand, you will never have high level targets, because most waf/ids filtering '

(08-18-2018, 08:22 AM)tschaikowsky Wrote:

[To see links please register here]

If you have never Exploited/Injected manually by Hand, you will never have high level targets, because most waf/ids filtering '

Agree.

A given tool will not be much help when the WAF kicks In.