Date: 21 Feb 2025
-
click on oswasp mutiidae II
-
owasp 2013->A1-injection(other)->sqli-bypass authentication->login
-
put a
'in the username and login
-
the following error will show us (scroll up):
-
then in login sign up :
you can see it is bypassed
o/p is shown below
-
now hit the webiste
- username : ' or 1=1 --
- passwd :anything
- you can see you bypassed it
- now keep the username genuine and password try to bypass in Website
- username : admin
- passwd : ' or 1=1 --
- you can now bypass too
- now give username : jsmith ‘ or 1=1 --(space) in Website
- password : random
- username = jsmith' AND 1=1 -- || passwd: anything
