Sql Injection Method

This page involves utilizing a SQL Injection Attack. If you have observed the source code you have noticed that which leads us to a page “update.php”. Many of the sites are still unprotected. One can easily access the admin panel using this trick

<a href=”update.php”><font color=”#000000″>update</font></a>

So we’ve headed to http://www.hackthissite.org/missions/realistic/2/update.php and there we found an admin panel. But it seems to be unprotected due to SQL injection.

username : ‘ OR ‘a’=’a

password :  ‘ OR ‘a’=’a

And you have got access to a panel which has enough privilege to update the thing!!


About the Author

Aloha, I'm Amit Ghosh, a web entrepreneur and avid blogger. Bitten by entrepreneurial bug, I got kicked out from college and ended up being millionaire and running a digital media company named Aeron7 headquartered at Lithuania.

Related Posts

Basic Mission 1   I can call you a pretty dumb as per you are now viewing the walkthrough for...

Basic Mission 2   I can again call you a pretty dumb as per you are now again viewing the walk...

Basic Mission 3   Have a look at the source code of that page and have you noticed the form section?...

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.