Saturday 11 February 2012

SQL Injection tutorial to Hack websites | Hacking websites


Hello Friends, as you all know, in previous hacking classes we have already discussed the SQL injection method of hacking websites. Some of my website users reported that those articles are a little bit difficult to understand for new users who wish to learn hacking. For the sake of new users who wish to learn website hacking and SQL injection, I am writing this article at such a basic level that a user who doesn't have any prior knowledge of SQL can start SQL injecting websites. This article is also beneficial for hackers, as it will refresh their concepts of what we really have to do and look for in a website URL if we want to hack a website or its database using SQL injection. So guys, read on for a very basic SQL injection tutorial...


What is SQL Injection?
Basically, SQL Injection (Structured Query Language Injection) is a technique that exploits a loophole in the database layer of an application. This happens when a user mistakenly or purposely (hackers) enters special escape characters into the username/password authentication form or into the URL of the website. It's basically a coding-standard loophole. Most website owners don't have proper knowledge of secure coding standards, and that results in vulnerable websites. For better understanding, suppose you opened a website and went to its sign-in or log-in page. Now in the username field you have entered something, say LOKESH, and in the password box you pass some escape characters like ', ", 1=1, etc. Now if the website owner hasn't handled null character strings or escape characters, then the user will surely get something else that the owner never wants their users to view. This is basically called Blind SQL.

Requirements for SQL Injection:
1. You need a web browser to open URLs and view source code.
2. You need a good editor like Notepad++ to view the source code in colored format so that you can easily distinguish between things.
3. And very basic knowledge of some SQL queries like SELECT, INSERT, UPDATE, DELETE etc.

What should you look for in a website to detect whether it is vulnerable to a SQL injection attack or not?
First of all, the websites you can hack using SQL injection are those that have some input fields through which you can provide input to the website, like a log in page, search page, feedback page etc. Nowadays, HTML pages use the POST command to send parameters to another ASP/ASPX page. Therefore, you may not see the parameters in the URL. However, you can check the source code of the HTML and look for the "FORM" tag in the HTML code. You may find something like this in some HTML code:

<FORM action=login.aspx method=post>
<input type=hidden name=user value=xyz>
</FORM>
Everything between the <form> and </form> tags contains the crucial information and can help us to determine things in a more detailed way.


There is an alternate method for finding a vulnerable website: for websites which have the extension ASP, ASPX, JSP, CGI or PHP, try to look for URLs in which parameters are passed. An example is shown below:
http://example.com/login.asp?id=10

Now how to detect whether this URL is vulnerable or not:
Start with the single quote trick: take hi' or 1=1-- as the sample parameter. Now in the above URL, id is the parameter and 10 is its value. So when we pass hi' or 1=1-- as the parameter, the URL will look like this:
http://example.com/login.asp?id=hi' or 1=1--

You can also do this with a hidden field; for that you need to save the webpage and make changes to the URL and parameter fields accordingly. For example:

<FORM action=http://example.com/login.asp method=post>
<input type=hidden name=abc value="hi' or 1=1--">
</FORM>

If luck is on your side, you will get logged in to the website without any username or password.


But why ' or 1=1-- ?
Take an ASP page that will link you to another page with the following URL:

http://example.com/search.asp?category=sports
In this URL 'category' is the variable name and 'sports' is its value.

Here this request fires the following query on the database in the background.
SELECT * FROM TABLE-NAME WHERE category='sports'
Where 'TABLE-NAME' is the name of table which is already present in some database.
So, this query returns all the possible entries from table 'search' which come under the category 'sports'.

Now, assume that we change the URL into something like this:
http://example.com/search.asp?category=sports' or 1=1--

Now, our variable 'category' equals "sports' or 1=1-- ", which fires an SQL query on the database something like:
SELECT * FROM search WHERE category='sports' or 1=1--'
 
The query should now select everything from the 'search' table regardless of whether category is equal to 'sports' or not.
A double dash "--" tells MS SQL server to ignore the rest of the query, which will get rid of the last hanging single quote (').
Sometimes, it may be possible to replace double dash with single hash "#".

However, if it is not an SQL server, or you simply cannot ignore the rest of the query, you also may try

' or 'a'='a
 
It should return the same result.
Depending on the actual SQL query, you may have to try some of these possibilities:

' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a
'or''='
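
The query construction described under "But why ' or 1=1-- ?", shown beside its fix, as an added example that is not part of the original article. It assumes Python's sqlite3 with an in-memory database as a stand-in for the ASP page and MS SQL Server; the rows and function names are constructed for illustration.

```python
import sqlite3

# Constructed sample rows standing in for the article's 'search' table.
ROWS = [
    ("sports", "Cup final report"),
    ("sports", "Transfer news"),
    ("politics", "Budget vote"),
    ("tech", "New phone review"),
]

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE search (category TEXT, title TEXT)")
    conn.executemany("INSERT INTO search VALUES (?, ?)", ROWS)
    return conn

def search_concatenated(conn, category):
    # Pattern the article describes: the request value is pasted into the
    # SQL text, so a quote in the value ends the string literal early.
    sql = "SELECT title FROM search WHERE category='" + category + "'"
    return [row[0] for row in conn.execute(sql)]

def search_parameterized(conn, category):
    # Fix: the value is bound as data and is never parsed as SQL.
    sql = "SELECT title FROM search WHERE category = ?"
    return [row[0] for row in conn.execute(sql, (category,))]

def compare(category):
    """Return (rows from concatenated query, rows from parameterized query).

    The first element is None when the input breaks the SQL syntax, which
    is the error a concatenating page shows for a stray single quote.
    """
    conn = make_db()
    try:
        concatenated = len(search_concatenated(conn, category))
    except sqlite3.OperationalError:
        concatenated = None
    return concatenated, len(search_parameterized(conn, category))

if __name__ == "__main__":
    # Input values taken from the article, plus an ordinary name with a quote.
    for value in ["sports", "sports' or 1=1--", "sports' or 'a'='a", "O'Brien"]:
        print(repr(value), compare(value))
```

With the bound parameter, the article's inputs are compared as plain strings and match no category, and a legitimate value containing a quote no longer causes a syntax error.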
