Pwnd2Pwnr Posted June 1, 2013 Posted June 1, 2013 (edited) How are my fellow freaks/geeks doing this FINE Michigan morning. I have Googled the crap out of proper configuration of SQL ninja. I have seen many pages; yet they are vague and far from being :concise:. I know I can understand most of you on these forums... but I am just seeing red and, apparently the little I did know from SQL Server 2008 is proving useless. I find myself in an constant loop of the same walkthrough. Hopefully, someone here at Hak5 knows what the hell they are doing while configuring this .conf. If someone could help in an innocous way; It'd be appreciated. SCOPE: configuring SQLNINJA whilst the other 'guys' just repeat from the forum I first perused. Thanks ahead of time... Edited June 1, 2013 by Pwnd2Pwnr Quote
digip Posted June 1, 2013 Posted June 1, 2013 I've never got any of those damn sql tools of any kind to work for me, and always done it manually on sites that exhibit errors, except for not even bothering with blind SQLi at all because "ain't nobody got time for dat" Quote
Pwnd2Pwnr Posted June 1, 2013 Author Posted June 1, 2013 LOL... I am getting the same feeling :) Quote
digip Posted June 1, 2013 Posted June 1, 2013 (edited) In all honesty, google Joe McCray's videos on SQLi. He's on Security Tube and YouTUBE. Phenomenal stuff, and way more fun than playing with tools (and also more accurate, when a tool says no injection possible, and you find otherwise). Thing about SQLi though, is if you aren't practicing it regularly, it becomes like learning to walk all over again, so I have notes set aside for things like this that I have to refer to, and I don't doubt others do as well, since its trivial in some instances, but not in other cases when you get no response from the server to tell otherwise. Sometimes, its just luck, fornicating with a server and adding strings to URL's to get it to spit shit out. Edited June 1, 2013 by digip Quote
Pwnd2Pwnr Posted June 2, 2013 Author Posted June 2, 2013 Thanks, digip. I am going balls to the wall SQL at the moment. I am grasping the commands rather well (about 5 pages worth of hand written notes so far). I have had relations with a SQL server... the best thing is I didn't even have to 'shell' out money for dinner :D . Good times ! Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.