SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Scripting Help

Reply
 
Thread Tools Display Modes
Old 20/07/2012, 03:51 PM   #1
Swyft
Gangsta
 
Swyft's Avatar
 
Join Date: Jan 2010
Location: Canada
Posts: 533
Reputation: 117
Default SQL Injection

I need help with SQL Injection how do I do it?
Swyft is offline   Reply With Quote
Old 20/07/2012, 03:57 PM   #2
ReneG
High-roller
 
Join Date: Oct 2011
Location: Sublime Text 2
Posts: 1,981
Reputation: 337
Default Re: SQL Injection

I'm not sure how it would be done in a sa-mp server, attackers attack forums usually.
[ame="http://www.*******.com/watch?v=PB7hWlqTSqs&feature=related"]http://www.*******.com/watch?v=PB7hWlqTSqs&feature=related[/ame]
ReneG is offline   Reply With Quote
Old 20/07/2012, 04:02 PM   #3
Steven82
High-roller
 
Join Date: Nov 2009
Posts: 2,481
Reputation: 173
Default Re: SQL Injection

Quote:
Originally Posted by RockingCamman View Post
I need help with SQL Injection how do I do it?
I don't think anyone is going to give you that knowledge do to you attempting to go on servers that have SQL and injecting stuff into their databases.
__________________
If you read my old posts; I apologize in advance.
Steven82 is offline   Reply With Quote
Old 20/07/2012, 04:05 PM   #4
Vince
Spam Machine
 
Vince's Avatar
 
Join Date: Sep 2007
Location: Belgium
Posts: 10,992
Reputation: 2649
Default Re: SQL Injection

Quote:
Originally Posted by VincentDunn View Post
I'm not sure how it would be done in a sa-mp server, attackers attack forums usually.
Mostly through login dialog. Most servers use the new DIALOG_STYLE_PASSWORD for that so the characters aren't visible anymore, but still ... Consider this query:
PHP Code:
SELECT id FROM playerinfo WHERE name '%s' AND password sha1('%s'LIMIT 1
If the pass is not escaped, one could possibly input in the dialog box:
Code:
blah') OR TRUE --
which would make the query:
PHP Code:
SELECT id FROM playerinfo WHERE name '%s' AND password sha1('blah') OR TRUE -- ) LIMIT 1
The double dash is the start of a comment in SQL syntax.
__________________
Vince is offline   Reply With Quote
Old 20/07/2012, 04:11 PM   #5
ReneG
High-roller
 
Join Date: Oct 2011
Location: Sublime Text 2
Posts: 1,981
Reputation: 337
Default Re: SQL Injection

Quote:
Originally Posted by Vince View Post
Mostly through login dialog. Most servers use the new DIALOG_STYLE_PASSWORD for that so the characters aren't visible anymore, but still ... Consider this query:
PHP Code:
SELECT id FROM playerinfo WHERE name '%s' AND password sha1('%s'LIMIT 1
If the pass is not escaped, one could possibly input in the dialog box:
Code:
blah') OR TRUE --
which would make the query:
PHP Code:
SELECT id FROM playerinfo WHERE name '%s' AND password sha1('blah') OR TRUE -- ) LIMIT 1
The double dash is the start of a comment in SQL syntax.
How would the information be relayed back to the attacker through a sa-mp server?
ReneG is offline   Reply With Quote
Old 20/07/2012, 04:44 PM   #6
SuperViper
High-roller
 
SuperViper's Avatar
 
Join Date: Sep 2011
Posts: 1,197
Reputation: 315
Default Re: SQL Injection

Any decent server that uses SQL escapes the string before using it in a query.
__________________
Release NameUse
FairPlayKeep the cheaters out of your server
Object Model ArrayArray of every single object model in the game
RCON PanelControl any server as you like with RCON controls
SlopeClimb up a steep hill against other players with cars falling down

I do not play on any SAMP server. Anyone with the name Ricky Phelps in-game is an imposter.
SuperViper is offline   Reply With Quote
Old 20/07/2012, 04:55 PM   #7
Christopher
Big Clucker
 
Join Date: Oct 2011
Posts: 66
Reputation: 16
Default Re: SQL Injection

Quote:
Originally Posted by VincentDunn View Post
How would the information be relayed back to the attacker through a sa-mp server?
It typically wouldn't be unless the server had been outputting the returned values from the SQL query witch in theory is stupid. This type of attack would only normally be used on a SA-MP server if you already had prior knowledge of a users ID or username.
Christopher is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
******* injection? sim_sima General 6 31/07/2011 04:19 PM
[INFO] MySQL Injection Blacklite Help Archive 9 10/07/2011 03:42 AM
Injection Teleport Generator Injection Help Archive 2 24/06/2009 02:15 AM


All times are GMT. The time now is 05:55 PM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.