Social Icons

Friday 29 May 2015

Base64 Encode/Decode SQL Injection

Base64 Encode/Decode SQL Injection

Base64 Encode/Decode SQL Injection By RAi Jee

 Today Our Topic is Base64 encoded/decoded SQLi Queries.

 Here is A Example of Base64 Parameter.


http://www.FakeSite.com/detail.php?id=MTU=

 If we add Single Quote (') where detail.php?id=MTU=' 
We can see there is no error or any kind of Changes in the Webpage.
We cant inject These Type of Parameters Directly .
SO HOW CAN WE INJECT THESE TYPE OF WEBSITES ???

 Lets Start Injecting.
Hmmm  So Here Is our TARGET .
First you Have HACKBAR Addon installed in your Browser.
You Can Installed it From Here .
https://addons.mozilla.org/en-us/firefox/addon/hackbar/

  See Our TARGET detail.php?id=MTU= Parameter is Encoded in Base64

 http://www.bio1usa.com/detail.php?id=MTU=
Base64 Encode/Decode SQL Injection
Now Select Base64 Encoded Parameter. Open Hackbar Encoding Option and Select Base64 Decode.
Base64 Encode/Decode SQL Injection
And we get detail.php?id=MTU= Parameter as detail.php?id=15
Now Lets Start Our Manually SQL Injection From Here. add Single Quote (') at The end Of Parameter And Again Encode it Using Hackbar Encoding Option  Base64 Encode and execute URL.
Base64 Encode/Decode SQL Injection
And We Get MYSQL Error !!
Base64 Encode/Decode SQL Injection

 Now Next Process is to Count Columns using order/group by . and After this Prepare UNION SELECT Statement for getting Tables and Columns.
Our Injection is Simple . Just what we have to do is.
 

  1. Base64 decode our parameter
  2. add our SQLi commands to it
  3. then Base64 encode it
  4. and execute the command
These Parts Are BASIC SQL Injection.
Read From My PREVIOUS SQL Injection Tutorials.

                                   SQL Injection- Basics Of SQLi Part-1

                                   SQL Injection- Basics Of SQLi Part-2

                                    Union Based SQL Injection (WAF Bypassing)
Posted by at 08:42
Labels: ,

3 comments:

Subscribe to: Post Comments (Atom)