Simple SQL Injection

Do you want to login to others site/profile?

follow these simple steps

1. go to the login page of the site

ex. www.*******.com/index.php

you can simply search login pages in google search engineby typing      ‘ inurl:/login’  (without quote)

2.insert  single quote (‘) in username field

3. insert equal sign(=) in password field

4.try to login

That site is vulnerable if you get a sql error message like this.

so you can login in to that site. if  you don’t get any error message you can’t hack it.

5. go back to login page

6. if  you know the user name already enter it in user name field (most administrators use ‘admin’ as there user name). if you don’t know the user name
insert”      ‘or”=’   ”  (without double quote )

7. insert ”   ‘or’=’   ” in password field (without double quote ) login

this method will only work for sites which have  vulnerable. first four steps check whether the site is vulnerable or not.

NOTE- this is a cyber crime  🙂