Hello And welcome to my another instructable . In this instructable i will tell you How To Hack A Website In Less Than 2 minutes using SQL Injection.''I Am Not Responsible for any hacking done by anyone''
Introduction to Sql Injection:
An SQL injection is a kind of injection vulnerability in which
the attacker tries to inject arbitrary pieces of malicious data into the input fields of an application, which, when processed by the application, causes that data to be executed as a piece of code by the back end SQL server, thereby giving undesired results which the developer of the application did not anticipate. The backend server can be any SQL server (MySQL, MSSQL, ORACLE, POSTGRESS, to name a few)
The ability of the attacker to execute code (SQL statements) through vulnerable input parameters empowers him to directly interact with the back end SQL server, thereby leveraging almost a complete compromise of system in most cases.
Why does SQL injection happen?
Generally when an application is communicating with the backend
database, it does so in the form of queries with the help of an underlying database driver. This driver is dependent on the application platform being used and the type of backend database, such as MYSQL, MSSQL, DB2, or ORACLE.
A generic login query would look something like this:
`SELECT Column1, Column2,Column3 FROM table_name WHERE username=’$variable1′ AND password=’$variable2′;`
We can split this query into two parts, code section and the data section. The data section is the $variable1 and $variable2 and quotes are being used around the variable to define the string boundary.
Let us try to walk through the process in a crude way. Say at the login form, the username entered is Admin and password is p@ssw0rd which is collected by application and values of $variable1 and $variable2 are placed at their respective locations in the query, making it something like this.
`SELECT Column1, column2, Column3 FROM table_name WHERE username=’Admin’ AND password=’p@ssw0rd’;`
Now the developer assumes that users of his application will always put a username and password combination to get a valid query for evaluation by database backend. What if the user is malicious and enters some characters which have some special meaning in the query? For example a single quote. So, instead of putting Admin, he puts Admin’, thereby causing an error thrown by the DB driver. Why? Because of the unpaired quote entered by the user breaking the application logic.
Teachers! Did you use this instructable in your classroom?
Add a Teacher Note to share how you incorporated it into your lesson.
Step 1: Starting
First of all open google .
Search google for: Admin login.asp . and choose your target .
Open your target website and enter the following
The sql injection above will not work for all websites because different websites can have different sql strings, you can search google for more strings
Step 4: Done
You have hacked a website.
Please vote me in the contest if you like my instructable ☺