Tuesday, 17 December 2013

Website Hacking through SQL Injection Hack.

Disclaimer: This is for educational purposes only.
In this post I'm not going to show you how to hack a website. This is just a demo of website hacking through the SQL Injection method.

We hear the same terms whenever a popular site gets hacked. You know... SQL Injection, cross site scripting, that kind of thing. But what do these things mean? Is hacking really as inaccessible as many of us imagine?

Not really!!

When you consider that you can go to Google right now and enter a search string which will return you thousands of usernames and passwords to websites, you realize that this dark science is really no mystery at all. You'll react similarly when you see just how simple a concept SQL Injection is...

In its simplest form, this is how SQL Injection works. It's impossible to explain this without reverting to code for just a moment.

Suppose we enter the following string in a Username field:

' OR 1=1

The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:

SELECT * FROM users WHERE username = 'USRTEXT' AND password = 'PASSTEXT'

...where USRTEXT and PASSTEXT are whatever the user typed into the login fields of the web form, pasted straight into the query text.

So entering ' OR 1=1 -- as your username could result in the following actually being run:

SELECT * FROM users WHERE username = '' OR 1=1 -- ' AND password = ''

Two things you need to know about this:
1) The single quote ['] closes the [username] string, so whatever follows it is treated as SQL rather than as part of the username.
2) -- is the SQL convention for a comment, and everything after it (here, the whole password check) is ignored. So the actual routine now becomes:

SELECT * FROM users WHERE username = '' OR 1=1

1 is always equal to 1, last time I checked. So the WHERE clause is true for every row, the authorization routine is satisfied without a valid password, and we are at the front door to create havoc.
I hope you got that.
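To make the two sides of this concrete, here is an added example (not code from the original post) that builds the login query both ways against a constructed in-memory SQLite table: once by string concatenation, as the post describes, and once with a parameterised query, which is the fix. The table, user and payloads are all assumptions made up for the demo.

```python
import sqlite3


def make_db():
    # Constructed sample data for the demo, not a real user table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # Query built by concatenation: user input becomes part of the SQL text,
    # so a quote closes the string and -- comments out the password check.
    sql = ("SELECT * FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None


def login_safe(conn, username, password):
    # Parameterised query: the values travel separately from the SQL, so
    # quotes and comment markers inside them are data, never code.
    sql = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def demo():
    conn = make_db()
    bypass_all = "' OR 1=1 -- "   # the post's ' OR 1=1 string
    bypass_user = "alice'-- "      # the post's admin'-- pattern, for 'alice'
    return {
        "valid_creds_vulnerable": login_vulnerable(conn, "alice", "s3cret"),
        "valid_creds_safe": login_safe(conn, "alice", "s3cret"),
        "or_1_eq_1_vulnerable": login_vulnerable(conn, bypass_all, "x"),
        "or_1_eq_1_safe": login_safe(conn, bypass_all, "x"),
        "comment_out_vulnerable": login_vulnerable(conn, bypass_user, "x"),
        "comment_out_safe": login_safe(conn, bypass_user, "x"),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'logged in' if ok else 'rejected'}")
```

The concatenated version logs in for both injected strings with a bogus password, while the parameterised version only accepts the real credentials.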

Brilliant! I'm gonna go hack a bank!
Slow down, cowboy. This half-cooked method won't beat the systems they have in place up at Citibank...

But the process does serve to illustrate just what SQL Injection is all about: injecting code to manipulate a routine via a form, or indeed via the URL. In terms of login bypass via Injection, the hoary old ' OR 1=1 is just one option. If a hacker thinks a site is vulnerable..

Here are a couple more common strings which are used to dupe SQL validation routines:

username field examples:

1) admin'--
2) ') or ('a'='a
3) ") or ("a"="a
4) hi" or "a"="a

... and so on.
