Wednesday, February 1, 2012

Bypassing Login Screen

Ok, Lets try to bypass the login screen on my testing webpage located in /var/www/fbip.

1. Open the browser and type in the address bar
A simple, ugly web page will appear.

2. Lets try to enter some code on the username field.
' or '1'='1'#
there will be an error.

3. Look on the url. It says that after the login the user will be redirected to the http://localhost/fbip/Process/proses_login.php
Lets put a # before the proses_login.php page and see what will happen.

Good, looks like the bypass success..  :)

"the quieter you are, the more you are able to hear.."


Post a Comment