Simple Login Page Bypass..



Simple Login Page Bypass Using SQLi..

The following code is being used in a login check page.

Find the proper credentials for getting a successful authentication alert.


$result = mysql_query($sql);
if(mysql_num_rows($result) == 0){
echo "<script>alert('failed')</script>";
} else {
$res = mysql_fetch_array($result);
if($res[2]==$pwd&&((!$res[7])&&($res[3]))) {
echo "<script>alert('success');</script>";
} else {
echo "<script>alert('failed');</script>";
}
}


Find USERNAME & PASSWORD

or find the answers here









Comments

Popular posts from this blog

Cross Site Scripting Filter Bypassing using Header Injection (CRLF).....

Cross Site Scripting through callback functionality

How I could Delete Instagram Captions and Comments that are not mine,.....