Hacking website using SQL Injection -step by step guide Before we see what SQL Injection is. We should know what SQL and Database are. Database: Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more. Some List of Database are: * DB servers, * MySQL(Open source), * MSSQL, * MS-ACCESS, * Oracle, * Postgre SQL(open source), * SQLite, SQL: Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language. Definition from Complete reference: SQL is a tool for organizing, managing, and retrieving data stored by a computer database. The name "SQL" is an abbreviation for Structured Query Language. For historical reasons, SQL is usually pronounced "sequel," but the alternate pronunciation "S.Q.L." is also used. As the name implies, SQL is a computer language that you use to interact with a database. In fact, SQL works with one specific type of database, called a relational database. Simple Basic Queries for SQL: Select * from table_name : this statement is used for showing the content of tables including column name. For eg: select * from users; Insert into table_name(column_names,...) values(corresponding values for columns): For inserting data to table. For eg: insert into users(username,userid) values("blackstar","black"); I will give more detail and query in my next thread about the SQL QUERY. What is SQL Injection? SQL injection is Common and famous method of hacking at present . Using this method an unauthorized person can access the database of the website. Attacker can get all details from the Database. What an attacker can do? * ByPassing Logins * Accessing secret data * Modifying contents of website * Shutting down the My SQL server Now let's dive into the real procedure for the SQL Injection. Follow my steps. Step 1: Finding Vulnerable Website: Our best partner for
1. Click on “Start” in the bottom left hand corner of screen. 2. Click on “Run”. 3. Type in “command” and hit ok.You should now be at an MSDOS prompt screen. 4. Type “ipconfig /release” just like that, and hit “enter”. 5. Type “exit” and leave the prompt. 6. Right-click on “Network Places” or “My Network Places” on your desktop. 7. Click on “properties”. You should now be on a screen with something titled “Local Area Connection”, or something close to that. 8. Right click on “Local Area Connection” and click “properties”. 9. Double-click on the “Internet Protocol (TCP/IP)” from the list under the “General” tab. 10. Click on “Use the following IP address” under the “General” tab. 11. Create an IP address (It doesn’t matter what it is. I just type 1 and 2 until i fill the area up). 12. Press “Tab” and it should automatically fill in the “Subnet Mask” section with default numbers. 13. Hit the “Ok” button here. 14. Hit the “Ok” button again. You should now be back to the “Local Area Connection” screen. 15. Right-click back on “Local Area Connection” and go to properties again. 16. Go back to the “TCP/IP” settings. 17. This time, select “Obtain an IP address automatically”. 18. Hit “Ok”. 19. Hit “Ok” again. 20. You now have a new IP address. Some ISPs do not support this type of procedure and hence there are chances of getting back the same old IP address even after trying this hack. In this case you need to switch off the modem and then switch it on to get the new IP address. NOTE: All these tricks works only if you have a dynamic IP address. But if you have a static IP address you have no option to change your IP.
Pages to are hidden for
"how to change ip address"Please download to view full document