Friday, August 26, 2011
SQl ingection
I am not trying to promote hacking hire but to whether you vulnerable or not. This touches the most those who uses website that have database like SQL server. When someone has an intention of accessing your website using your admin password he/she just do that by using SQL injection which is very easy methods to use.
Steps to use SQL injection
log to any website that has database on use forms.
In the place for administrator type Admin.
In the place for password type x' or 'a'='a
or
In the place for password type x' or 1=1--
After this you migth gain access to website database or you might be required to try more trick and I guess the good hacker won't stop till he/she able to logs in.
Way of protecting your website
The administrator of those website vulnerable to this kinds of hacking can escape fro this by using MySQL escape sting or MySQL real escape string.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment