crimec Posted September 21, 2015 Share Posted September 21, 2015 I've apologised and left it at that Quote Link to comment Share on other sites More sharing options...
SRB Posted September 21, 2015 Share Posted September 21, 2015 I've apologised and left it at that You are the defendant, you can not make that decision. That decision is down to the judge and jury. This court is now back in session. Quote Link to comment Share on other sites More sharing options...
TheMasterGeneral Posted September 21, 2015 Share Posted September 21, 2015 Well, this was, I really don't know. Quote Link to comment Share on other sites More sharing options...
SuperStar Networks Posted September 22, 2015 Author Share Posted September 22, 2015 Hold on! I conducted some sql injects because I wanted to see if his stupid game had any vulnerabilities, I'm hardly going to lie about something like that loool, and so what? How does that affect my "Respect" in anyway?? Don't talk **** here, I've seen a lot of you guys trying to use XSS attacks on people's games, especially his so don't contradict yourselves if yous want to give out, I did nothing wrong, I even used my name because I've nothing to hide. So pipedown, nothing on this thread affects me it's pretty much pointless, don't you realise he's selling something with a license he made up lol that's the main reason he's here and he'll do anything to spoil someone's name. I really don't care at this point I've nothing more to say, it's people like him that ruin the community, and it's people like you that let your ego's get to you goodluck and [MENTION=68711]KyleMassacre[/MENTION] could you please lock this thread I don't wish to continue chatting with these wastemen. Thanks JC out haha .. IllegalPigeon try xss attack .. but he don't do nothing . just show me weak spot ! then he left ! its mean he respect another game owner ! if u want to know can i sell with valid licence or not https://www.facebook.com/ms.icecold.music?fref=ts ask to Martin Simmons ! 100% Protection the first coder of RC engine and mine was modify upgrade coder! Quote Link to comment Share on other sites More sharing options...
W3Theory || Peter Posted September 22, 2015 Share Posted September 22, 2015 (edited) haha .. IllegalPigeon try xss attack .. but he don't do nothing . just show me weak spot ! then he left ! its mean he respect another game owner ! if u want to know can i sell with valid licence or not https://www.facebook.com/ms.icecold.music?fref=ts ask to Martin Simmons ! 100% Protection the first coder of RC engine and mine was modify upgrade coder! [remove] this Edited September 22, 2015 by W3Theory || Peter Quote Link to comment Share on other sites More sharing options...
Coly010 Posted September 22, 2015 Share Posted September 22, 2015 I've apologised and left it at that It's not the fact that dropping a table via sql injection on a site you down own, run or work on is silly, it's illegal for christs sake. Do a bit of research. And apologising doesn't make it right. It also doesn't matter if it works or not. It's still an attempt. It's like going to facebook and trying to drop the user table there. You'd get jailed and sued. There's a difference between malicious hacking and ethical hacking. What you have done is malicious, what IP has done is ethical. They haven't forced any loss of data, they've made light to an exploit. If you were being ethical you wouldn't drop the table. You would maybe change your own data, or add a new column, sonething that won't **** up the app. Quote Link to comment Share on other sites More sharing options...
~Rob0t Posted September 22, 2015 Share Posted September 22, 2015 It's not the fact that dropping a table via sql injection on a site you down own, run or work on is silly, it's illegal for christs sake. Do a bit of research. And apologising doesn't make it right. It also doesn't matter if it works or not. It's still an attempt. It's like going to facebook and trying to drop the user table there. You'd get jailed and sued. There's a difference between malicious hacking and ethical hacking. What you have done is malicious, what IP has done is ethical. They haven't forced any loss of data, they've made light to an exploit. If you were being ethical you wouldn't drop the table. You would maybe change your own data, or add a new column, sonething that won't **** up the app. With a crude query (hint: not defining the fields before the values), adding a new column can cause data to not be inserted, thus loss of data. Don't suggest SQL injections to make any attempt ethical if you don't cover all bases ;) Also, an SQL injection isn't always/necessarily modification of the database, it's about injecting query language into the query. > SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands. For example, if your query was supposed to be SELECT foo FROM bar WHERE faz = 1 But instead it ran SELECT foo, 5 FROM bar WHERE faz = 1 It's still an injection of query language :) Quote Link to comment Share on other sites More sharing options...
Coly010 Posted September 22, 2015 Share Posted September 22, 2015 With a crude query (hint: not defining the fields before the values), adding a new column can cause data to not be inserted, thus loss of data. Don't suggest SQL injections to make any attempt ethical if you don't cover all bases ;) Also, an SQL injection isn't always/necessarily modification of the database, it's about injecting query language into the query. > SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands. For example, if your query was supposed to be SELECT foo FROM bar WHERE faz = 1 But instead it ran SELECT foo, 5 FROM bar WHERE faz = 1 It's still an injection of query language :) Thanks for clearing that up :) I didn't even think about Select when I wrote the post Quote Link to comment Share on other sites More sharing options...
crimec Posted September 22, 2015 Share Posted September 22, 2015 It's not the fact that dropping a table via sql injection on a site you down own, run or work on is silly, it's illegal for christs sake. Do a bit of research. And apologising doesn't make it right. It also doesn't matter if it works or not. It's still an attempt. It's like going to facebook and trying to drop the user table there. You'd get jailed and sued. There's a difference between malicious hacking and ethical hacking. What you have done is malicious, what IP has done is ethical. They haven't forced any loss of data, they've made light to an exploit. If you were being ethical you wouldn't drop the table. You would maybe change your own data, or add a new column, sonething that won't **** up the app. I totally agree, what I did was malicious and I apologise for that, I won't be doing that again, and If I do, i'll try changing my name or something not dropping tables. Anyways any idea why my query that I posted didn't work? I presumed the code was inserting values into a tables so I closed it by typing '); But then I typed this into the chat to see if it would work, note I used "--" to comment the rest of the query '); DROP TABLE members;-- Quote Link to comment Share on other sites More sharing options...
~Rob0t Posted September 22, 2015 Share Posted September 22, 2015 I totally agree, what I did was malicious and I apologise for that, I won't be doing that again, and If I do, i'll try changing my name or something not dropping tables. Anyways any idea why my query that I posted didn't work? I presumed the code was inserting values into a tables so I closed it by typing '); But then I typed this into the chat to see if it would work, note I used "--" to comment the rest of the query '); DROP TABLE members;-- The backend is treating the string as a literal string and not query language. See paramatised queries: http://blog.codinghorror.com/give-me-parameterized-sql-or-give-me-death/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.