| View previous topic :: View next topic |
| Author |
Message |
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
 Posted: Tue Mar 13, 2007 5:52 am Post subject: Simple SQL tutorial |
 |
|
Spoiling this section with this tutorial ? 
Introduction
So if you've read my other thread on SQL, you will know how to start .
If not please go and read it before beginning this tutorial .
Easy program for you to use: Microsoft Access . (as most computers have it)
Description
Most databases now allow you to edit/add new data into your table . This is very handy as it isn't very hard to do .
Variables are very useful in database tables as well .
User Database Table
Once you've named it etc. it's time to insert the data .
Basic script most people use:
| Code: | | INSERT INTO member(memberName, memberPassword, memberEmail, memberWeb)VALUES('otherinfo.') \\Add other information there . |
Just insert that information to be stored on your database table .
Updating Database tables
Updating is simple, just change the required information.
Example:
| Code: | | INSERT INTO member(benlue, tutorial, [email protected], CE.org)VALUES('isthebest') |
TO
| Code: | | UPDATE member set memberPassword='getitnow' where memberName='benlueFTW' |
Erasing Data
To delete a member . E.g. benlue  you would put this code in to erase my existence 
| Code: | | DELETE member benlue |
OR for websites with 2 people of the same name
| Code: | | DELETE FROM member where id=1337 |
That was saying that my ID was 1337 .
I'm wiped out from your database now !
Basic things that i've been taught and i've added extras . 
|
|
| Back to top |
|
 |
Fuzz
Grandmaster Cheater
![]() Reputation: 0
Joined: 12 Nov 2006
Posts: 531
|
| Posted: Tue Mar 13, 2007 10:34 am Post subject: |
|
|
Can you make a tutorial, on how to use SQL injections to hack INTO websites? By edting the page code? I have always wanted to know how to do it, and i just need to know WHAT to edit. Or if someone knows, add me on MSN.
_________________
|
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Wed Mar 14, 2007 3:58 am Post subject: |
|
|
| That will just be wrong as many people will change things on CEF .
|
|
| Back to top |
|
|
Fuzz
Grandmaster Cheater
![]() Reputation: 0
Joined: 12 Nov 2006
Posts: 531
|
| Posted: Thu Mar 15, 2007 6:06 pm Post subject: |
|
|
Yes. True, but dont you think on a HACKING forum, DB would protects against HACKS? I mean, him of all people should know how to protect his site very well.
_________________
|
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Sat Mar 24, 2007 6:16 am Post subject: |
|
|
| I've seen some name changes . Either they hacked through OR requested it . So i can't post anything at this moment .
|
|
| Back to top |
|
|
SgStar
Newbie cheater
![]() Reputation: 0
Joined: 08 Mar 2007
Posts: 24
|
| Posted: Sun Mar 25, 2007 8:22 am Post subject: |
|
|
| Fuzz wrote: | | Yes. True, but dont you think on a HACKING forum, DB would protects against HACKS? I mean, him of all people should know how to protect his site very well. |
ur gay.. like everyone know about sql injection 10 years ago. and everyone knows how to prevent it easily.
|
|
| Back to top |
|
|
flawedmatrix
Grandmaster Cheater
 Reputation: 0
Joined: 21 Jun 2006
Posts: 819
Location: 14598622 for yourself...
|
| Posted: Mon Mar 26, 2007 1:14 am Post subject: |
|
|
Hmm, can you figure out a free method to connect to a mySql database in a remote server?
_________________
|
|
| Back to top |
|
|
SgStar
Newbie cheater
![]() Reputation: 0
Joined: 08 Mar 2007
Posts: 24
|
| Posted: Fri Mar 30, 2007 9:33 am Post subject: |
|
|
| flawedmatrix wrote: | | Hmm, can you figure out a free method to connect to a mySql database in a remote server? |
phpmyadmin. but u still need user/pass.
|
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Sun Apr 01, 2007 5:33 am Post subject: |
|
|
| SgStar wrote: | | flawedmatrix wrote: | | Hmm, can you figure out a free method to connect to a mySql database in a remote server? |
phpmyadmin. but u still need user/pass. |
Your an idiot ?
|
|
| Back to top |
|
|
SgStar
Newbie cheater
![]() Reputation: 0
Joined: 08 Mar 2007
Posts: 24
|
| Posted: Sun Apr 01, 2007 12:36 pm Post subject: |
|
|
| benlue wrote: | | SgStar wrote: | | flawedmatrix wrote: | | Hmm, can you figure out a free method to connect to a mySql database in a remote server? |
phpmyadmin. but u still need user/pass. |
Your an idiot ? |
Normally people won't just ask how to connect. they will also state what language they are using or what hosting service. those who just ask how to connect properbly want to hack someone's database.
|
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Mon Apr 02, 2007 6:45 am Post subject: |
|
|
When you say things , they seem to be misleading to the public out there .
Try to clarify what you are saying with examples .
Most people use phpBB anyway . vBulletin is the other type used but isn't common .
Correct me if i'm wrong .
|
|
| Back to top |
|
|
SgStar
Newbie cheater
![]() Reputation: 0
Joined: 08 Mar 2007
Posts: 24
|
| Posted: Mon Apr 02, 2007 10:38 am Post subject: |
|
|
| benlue wrote: | When you say things , they seem to be misleading to the public out there .
Try to clarify what you are saying with examples .
Most people use phpBB anyway . vBulletin is the other type used but isn't common .
Correct me if i'm wrong . |
Agree that phpBB is more popular. but what has forum software got to do with my previous post? 
|
|
| Back to top |
|
|
benlue
Moderator
![]() Reputation: 0
Joined: 09 Oct 2006
Posts: 2142
|
| Posted: Tue Apr 03, 2007 1:13 am Post subject: |
|
|
| SgStar wrote: | | benlue wrote: | When you say things , they seem to be misleading to the public out there .
Try to clarify what you are saying with examples .
Most people use phpBB anyway . vBulletin is the other type used but isn't common .
Correct me if i'm wrong . |
Agree that phpBB is more popular. but what has forum software got to do with my previous post? |
I said your words are misleading and went into wonderland for a second . Discard the second part .
|
|
| Back to top |
|
|
Deadly_Hobbit
Newbie cheater
 Reputation: 0
Joined: 18 Apr 2006
Posts: 19
|
| Posted: Tue Apr 03, 2007 9:42 pm Post subject: |
|
|
SQL injection is VERY easily thwarted.
Encrypt urls into (Space = %20)
Remove and buffer all entered text for slashes and out of place characters
Scramble your sql errors. (And remove function when debugging.)
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
