Hack admin password of websites

You might be interested if you can hack administrator passwords of websites! So here’s a way….

You can use this method for cracking admin passwords of websites written in ASP.

First, you type “asp admin login” in Google. Then select any of the websites.

1. Type         admin in username field.

2. Type             ‘or’1’=’1 in the password field. (You may use the same string in the username field also.)

Are you logged in now? Sometimes, you may not be. But you don’t worry. Try for webpages in the second and later pages of google results. Defenitely, you can crack!

Now do you want to know the anatomy of this hack? We have used the technique of SQL injection here. i.e, we have (mis)used the security vulnerability(Remember Deepa miss’s class) in the database layer of an application.

I think that you remember the basic SQL commands. Normally, we write the sql command for validation of input form in the following way.

SELECT  * FROM ‘users’ WHERE  ‘name’ = ‘ “+userName +” ‘  AND  ‘password’  = ‘ “+password + ” ‘;

When we type as username and password as shown above, the query will become like

SELECT * FROM ‘users’ WHERE  ‘name’ = ‘admin’ AND ‘password’ = ” OR  ‘1’=’1′;

Look in the password validation carefully!

password=” or ‘1’=’1′

Either password is null or 1=1. String will be always validated!

Don’t misuse this trick! Think positively…………!



5 thoughts on “Hack admin password of websites

  1. sql injection is an old method.Nowaydays there is no use with it.however there may be websites that cannot prevent sql injecttion.

    Its very easy to prevent sql injection.In php we can use a function named addslashes() to add black slashes before any special chars in a string so that every special characters will be treated as normal characters so that reason sql injection is not possible here.

  2. Guys,one more thing i want to point out is that we can avoid indexing our admin page by google or other search engines like this,

    so that our admin page wont appear when someone searching on search engines

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s