Hacking Websites using Sql Injection statementFocus to SQL InjectionModerators: 4L13N, Moderator, Contributor SQL InjectionPost a reply 3 posts • Page 1 of 1Hacking Websites using Sql Injection statement by dj.topan »Mon Dec 21, 2009 4:22 pmSQL (Structured Query Language) is a language that is used for accessing data inrelational databases. This language is a de facto standard language used in relationaldatabase management. At present almost all the existing database server supports thislanguage to make its data management.This time I wanted to give a little guidance on how to hack websites using a simple sqlinjection, with no software and only use the statement "or".In this way, someone who called himself as xnuxer never deface the Commission websiteAs we know, almost every website meliki special pages that can only be entered by theadministrator. And every person who entered into the directory must enter a usernameand password as admin, and with tutors, we are trying to membye-pass the password.Okay not to extend the preamble, we just go on topic. . Consider me the followingexplanation: Suppose I have a website and to be able to configure, then I should go in asadmin. And anggep aja usernamenya is Admin, with a striped cat and password to log in,then think - think sql statemennya as follows: Nowhere select * from admin username = 'Administrator' and Password = 'cat Striped'If I go into the root admin and fill in the username and password, automatically andsurely I can "ngutak work on" my website. But what if i do not know the password? Thisnever die, the core of the tutors this time, where we try membyepass or passing orderswithout knowing the password is password.Before that, I need a little explaining about the use of logic statement "or" where thestatement can be flipped value of "false" to "true" so that, even though we were wrong toenter a password, still considered correct. For example, I use the statement or to sign in asadmin, then the statement that my input is to fill in "or''= '(without the quotation marks atthe beginning and end) on the username and password. Only by including such statement,I can go to my website without needing to know what your username and password, and please you to improvise to find the root admin page on a website. Or look at my previous posts. And good luck * Glosarry:Statement in this tutorial, synonymous with a command or command.