Episode 11 - Website Hacking - Sql Injection
October 12th, 2007 by 
Patchy
For Infinity Exists Full Disclosure’s first Website Hacking episode, we demonstrate how to exploit a security vulnerability occurring in a website’s database to extract password hashes. Sql (Structured Query Language) is a computer language designed for the retrieval and management of data in a system’s database. The Attack, known as Sql Injection, manipulates Sql statements before they are sent to the Sql Server, allowing the Attacker to create, change, or retrieve data stored in the database. Sql Injection is a hard concept to understand, so we made a video that encompasses all our knowledge on the subject to make it easier for our viewers to grasp.
Live Stream Here
Download Here
We demonstrate Sql Injection on WP-Forum version 1.7.4 by Fredrik Fahlstad; therefore, if you use WP-Forum you are vulnerable to this attack! To fix this exploit download our patch.
Download WP-Forum Patch Here
Live Stream Here
Download Here
We demonstrate Sql Injection on WP-Forum version 1.7.4 by Fredrik Fahlstad; therefore, if you use WP-Forum you are vulnerable to this attack! To fix this exploit download our patch.
Download WP-Forum Patch Here
4 Responses
You must be logged in to leave a comment.
October 13th, 2007 at 2:15 pm
WOW
I never new sql injection was this easy.
I just gave it a go on my private forum and it took 2 minutes.
Please keep up this great work guys, your video was so easy to follow
October 15th, 2007 at 12:24 pm
YEAH RIGHT LIKE IM DOWNLOADING THAT YOU FILTHY HACKER.
jk,
February 3rd, 2008 at 7:38 pm
Thanks for sharing
June 9th, 2008 at 3:40 am
Tho has same laptop and looks as me. disturbing….