How to hack a site?

To begin with, let's be clear: with this article I am in no way urging anyone to hack someone else's Internet resources using the methods described below.

The main goal of the article is to show the user why data protection on the Internet matters, using the example of a site that is not properly protected. The attack method used is perhaps the most common way of hacking a site: SQL injection.

First, note that all modern, large, complex sites, without exception, are built on top of a database. Data stored in a site's database is accessed through SQL, the Structured Query Language.

SQL injection is the technique of inserting code into the original SQL query, without breaking the structure of the query itself, in order to gain access to the data contained in the database.

Thus, under certain conditions, usually the absence of data-protection functions in the site's code and queries, an attacker can use SQL injection to read the contents of any table, delete, modify or add data, read and/or write local files, and execute arbitrary commands on the attacked server. We will not dwell on the theory and will move on to practice.

So, for starters, let's get acquainted with data transmission using the GET method. While browsing the pages of the endless Internet, you have probably noticed that the links you follow often look like this: /index.php?something=something&something_else=something_else,

where all sorts of values stand in place of my placeholder "something" and "something else".

URLs of this form carry information: the question mark is followed by a variable name, then = and its value. The & sign separates the variables from each other.

This is done so that the page you are accessing can change depending on these variables: their values are passed by the GET method to the code of the site's pages, where they are processed, and our web page is built from the results.

But just think about it! No one can stop you from editing this URL by hand, making it whatever you need, pressing Enter, and sending the data in this URL to the database server for processing! This is where the possibility of SQL injection arises.

So, let's begin. We have a website that, based on the id parameter passed by the GET method, fetches certain data from the database and builds our page from it. Here is the code of the SQL query that processes the data from the URL:

$result3 = mysql_query("SELECT * FROM raspisanie WHERE cat = $id");

In plain words, the query selects all the data from the raspisanie table where the field cat = $id. Whatever follows our $id variable in the query, which we pass in from the URL, no longer matters to us; I will explain why later. Now let's deal with the URL itself. Let it initially look like this: /index.php?id=3.

That is, this URL passes the parameter id=3, and the page is built from it: the value is placed into our SQL query, so all the data from the raspisanie table where the field cat = $id = 3 is fetched from the database. And now for the fun part. Suppose we know that the attacked site's database stores the username and password for the site's administrator zone in the users table, in the login and password fields respectively. Then, just by changing our URL like this: /index.php?id=3+union+select+1,2,login,password,5,6,7+from+user/*

the page will put this whole long value into our query, which will look like

$result3 = mysql_query("SELECT * FROM raspisanie WHERE cat = 3 union select 1,2,login,password,5,6,7 from user/*");

Having processed this new query, which does not violate the structure of the database tables, the server itself will return to us, in addition to the usual information for id=3, the site's login and password!

To make it completely clear, I will translate our new "magic request":

"Select all the data from the raspisanie table where the field cat = 3, and also run another query: in addition to the data received, output the username and password from the users table."

The numbers 1, 2, etc. are arbitrary and are used to preserve the structure of the query; how many of them are needed is found by trial, until their count equals the number of values that the original query outputs from the database.

The name of the users table and the names of the login and password fields are also found by trial, since, you must admit, they are named roughly the same everywhere. Finally, the characters "/*" at the end of our URL discard the tail of the original query, if there is one, so that it does not break the structure of the injected query.
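
The article stops at the attack, so here is the defensive counterpart as an added example (it is not code from the original article): the same lookup with the id validated as an integer and passed as a bound parameter instead of being written into the SQL text. The mysql_* functions used above were removed in PHP 7, so the sketch uses PDO. The in-memory SQLite database, the table contents and the function names build_query_unsafe and fetch_by_cat are assumptions made for illustration.

```php
<?php
// Added example. Constructed schema and rows; in-memory SQLite through PDO
// stands in for the site's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE raspisanie (id INTEGER, cat INTEGER, title TEXT)');
$db->exec("INSERT INTO raspisanie VALUES (1, 3, 'Monday'), (2, 4, 'Tuesday')");

// The article's pattern: the GET value becomes part of the SQL text itself.
// Only built and printed here, never executed.
function build_query_unsafe(string $id): string
{
    return "SELECT * FROM raspisanie WHERE cat = $id";
}

// Hardened lookup (hypothetical helper): validate the type, then bind.
function fetch_by_cat(PDO $db, string $id): ?array
{
    $cat = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($cat === false) {
        return null; // not a positive integer: reject before touching the database
    }
    // The SQL text is fixed; the value travels separately as a bound parameter.
    $stmt = $db->prepare('SELECT id, cat, title FROM raspisanie WHERE cat = :cat');
    $stmt->bindValue(':cat', $cat, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$inputs = [
    '3',                                                    // normal request
    '3 union select 1,2,login,password,5,6,7 from user/*',  // altered id from the article, URL-decoded
];
foreach ($inputs as $id) {
    echo "id = $id\n";
    echo '  unsafe SQL text: ', build_query_unsafe($id), "\n";
    $rows = fetch_by_cat($db, $id);
    echo '  hardened result: ', $rows === null ? 'rejected' : json_encode($rows), "\n";
}
```

Either the integer check or the bound parameter would stop this input on its own; keeping both means the query stays safe if one of them is later removed.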
