SQL Injection, Anyone Know How?

n_wattam

Anyone know how to do this?

cahva

What kind of question is that? Do you need some advice hacking some site? 🙂

n_wattam

lol, i want to grab data from a comeptitors site. 😃

NogDog

[moderator_hat_on]Seriously: are you truly asking how to hack a competitor's database? If so, this thread will be closed "with prejudice".[/moderator_hat_on] If, as the "lol" and emoticon suggest, you were joking, then please rephrase your question to explain what exactly you are asking.

coldwerturkey

You seriously couldn't find the answer to this on google? You really thought it would be a good idea to start a thread with malicious intent on this forum?

bradgrafelman

SQL injection is done when a user (some read: "hacker") manipulates data being sent to a PHP script, for example, that is later used inside a SQL query. The "injection" is successful if the programmer who created the script didn't properly escape/sanitize incoming data (note that this doesn't just include data from $POST or $GET; some data in $SERVER and all data from $COOKIE is just as easily manipulated to contain whatever the user wishes) before using it inside a SQL query.

There's how it's done. As for how to protect yourself against it, that has been discussed countless times on the board. As for anything else, you'll have to look elsewhere.

Thread closed.