Recent Articles
Sql Injection For Beginners: Tutorial 1
Monday, February 13, 2012|
Surbhi Verma
Many times my readers have asked me to write about SQL Injection, but i always used to consider that its pretty easy way of hacking and may be everyone already know about it.
But now after years I think that, no, i was wrong.Still even many of web developers dont know about sql injection, still I can see many poorly designed websites which are prone to sql injection, one can easily beark into such websites using a simple SQL statement.
So my this post is dedicated to those web developers who leave this hole in their projects, and also to those who want to learn hacking, this is the easiest thing that anyone can do without any, any experience.
What is SQL Injection:
SQL Injection arises because the fields available for user input allow SQL statements to pass through and query the database directly.
SQL Injection, In simple terms:
But on the SQL injection vulnerable Webpage, one can enter into even without knowing the username or password. The database passes the query and let the user enter even without knowing the correct username and password.
This technique is mainly used to break into any website to steal the secret information. but once any one enters into the site, then he/she can do many harmful things too. Think, if a hacker login into a website as ADMIN then he/she can get permission to do many very bad things with that website.
How to Use SQL Injection:
To Use SQL Injection is very easy. In a SQL injection vulnerable login form instead of true username and password, you can enter the following SQL statement.
' or '1'='1
Or,
If you know the Username then fill this code in password field, to enter into the website by pretending to be anyone else.
Mostly websites have some common users with the username like 'Admin' or 'Administrator' for Administrator login. Other possible username includes 'Employee' , 'Student' etc. Enter into a website with different usernames can give different permission and can display different information too.
Not even this you can do many more things using SQL Injection thing, wait and watch for my next post about SQL injection for More details.
Till then Enjoy and Be safe.
Check out other posts under category hacking.
Posted in
Hacking Stuff
1 comments for this post
Leave a reply
Subscribe to:
Post Comments (Atom)
TechByte4U on Facebook
Popular Posts
How to get Account on Google+ ? get google plus invitation Hello All, Google+ is still available using the invitation process, It wi...
In response to query asked by Ameer Hasan Malik Did you forget your windows login password? or want to access Admin account in schoo...
Free winrar, Full version Winrar, Winrar Serial key I guess everyone know what is Winrar, and what it works. So without going into t...
Google Chrome was one of the first browsers to have multiple processes, which creates a separate process for each tab. That means ...
Hey Friends, Download Paid version of AVG 9.0 antivirus for free with 8 yeas licence and save $240...... Features of AVG paid ve...
In This Tutorial I am gonna tell you an easy way to create viruses using Virus maker softwares named "JPS Virus Maker" an...
Hello friends, Today i am gonna provide you genuine keys for windows 7. People who dont know how to how to make your window genuine by repla...
In response to query asked by SUNNI BALA SANKAM Windows 7 has implemented addition secur i ty mechanism to prevent accidental or...
How to inverse colors on a Picture. " Stare at the image then close your eyes, you will see Jesus." When first time I sa...
This is the most common issue, that you have deleted some important files from your system, that you didnt actually want to. Don'...
Nitin Bansal
February 14, 2012 at 7:58 PM
m waiting 4 ur new post......and can u tel me, do u know all types of hacking