Wednesday, May 25, 2011

How To Find The Websites Having SQL injection Vulenerability

So You Have Always Wondered That Sql Injection is such a nice approach in hacking a website but you must have not got any website that has login form having sql injection vulnerability

So heres the trick how to find one...just make a google search - "admin login.asp" (without quotes)
..Here asp stans for ACTIVE SERVER PAGES.. asp is a Program By Microsoft That uses server side scripting languages like VBscript and Running On Ms-Sql server...and the search will result the pages for administrator login having extension .asp

After reaching any login page you have to just use the traditional sql injection methods...where user name will be either admin or administrator..(since our goal is to gain admin priviledges),and in the password field you ca use the below script..
anything' OR 'x'='x
After gaining The admin Privilidges ,Just Do Whatever You want..Delete There Records,or Change the password ..etc...Thats What Hacking Is About...


Post a Comment