SQL Injection with buffercode

SQL INJECTION BY VARIOUS WAYS INTRODUCTION TO SQL INJECTION

The most easiest way to hack an site is hacking it by SQL injection. SQL Injection based on the vulnerabilities of an SQL database. The data stored in the database of SQL is in the form of tables and columns.




By knowing the table and column of USERNAME and PASSWORD anyone can access the whole data of the website. There are several ways which are described below :-

Identifying the hackable sites

First you need to identify the sites that can be hacked by SQL injection. Thus all sites does not use the SQL database because it is safer enough to secure the database.

GOOGLE is the best place to find these websites. First you have to go to   https://www.google.co.in .

To find the admin page of the sites you should need to type the keywords:

inurl:login/admin.asp

otherwise click on this URL

https://www.google.co.in/?gfe_rd=cr&ei=xbz9VY3DKovC8gfizauoDQ&gws_rd=ssl#q=inurl:login%2Fadmin.asp+ .

now click on the any site shown in Google page.

*To Check the site is vulnerable or not

It is an verifying step to identify that your site is hackofied or not. I can tell it by example

For e.g:- “ www.dummy.com/ ” is an url of site then by adding an single inverted comma ‘ at the end of the url  “www.dummy.com/’ “ and pressing ENTER.

If the error shown is an PAGE NOT FOUND error then it could not be hacked and you should leave that site.

Otherwise YOU find a right site to get hacked.

Now you are 1 step far to hack your first website using SQL injection.

 

SQL injection first step

 

METHOD 1 USE 1’or’1’=’1 statement as username and password

First of all make sure the statement :

1’or’1’=’1

Should not containing spaces while writing.

Then go to the login section of site and entered the above statement in the place of USERNAME and

PASSWORD .

SQL injection 1

 

Disclaimer

This is just for educational purpose only. Discussing or Reading about thief technique is not crime but implementing

NO COMMENTS