Trending: TeCh ZoNe

Friday, March 9, 2012

Basic sql injection tips to hack website | Post for noobs

what are sql injections?

Basically SQL Injections or simply called Structured Query Language Injection is a technique that exploits the loop hole in the database layer of the application. This happens when user mistakenly or purposely(hackers) enters the special escape characters into the username password authentication form or in URL of the website. Its basically the coding standard loop hole. Most website owners doesn't have proper knowledge of secure coding standards and that results into the vulnerable websites. For better understanding, suppose you opened a website and went to his Sign in or log in page. Now in username field you have entered something say example and in the password box you pass some escape characters like ',",1=1, etc... Now if the website owner hasn't handled null character strings or escape characters then user will surely get something else that owner never want their users to view.. This is basically called Blind SQL.

In this tutorial I will be showing you a very basic and simply SQLi (Structured Query Language Injection).I will show you how to get into a website by using some google dorks and SQL query. By using SQL queries we can bypass the username and password and can enter into the admin panel. To hack a website simply follow these steps :-
steps to hack a site -
 Use any of the google dork to find the admin login page of a website.

intitle:admin login
inurl:adminlogin.asp inurl:adminlogin.php

There are many websites which can be hacked by this. Open anyone and you will see the login

page. Type 
this SQL query in form.

Username : 1'or'1'='1
Password : 1'or'1'='1

i hope you understand

All Rights Reserved TeCh ZoNe | Blogger Template by Bloggermint
back to top