if they store passwords in plaintext then they probably didn't employ the greatest security masterminds.
Next time you log in, try entering this as your username: anon'; DROP ALL TABLES; --
you can try using " or ""="
as both username and password.
(Try it with both quotations and apostrophes - you don't know how their queries are built)
Depending on the way their query works, it might select all users in the database, and then log you in as the first added user, which is usually the super admin
Why are you faggots giving this guy any stupid ideas? He clearly has no clue about security, programming or the /g/ etiquette. The correct course of action is to tell him to get the fuck out of here, you stupid script kiddie.
try this first:
it won't do damage, but will tell you if the site is vulnerable to mysql injections.
assuming their query looks like this:
mysql_query('SELECT * FROM users WHERE username="'.$login.'" AND password="'.$password.'"');
(which is quite a common way to make it for complete beginners)
it will then end up looking like this:
mysql_query('SELECT * FROM users WHERE username="" or ""="" AND password="" or ""=""');
and since ""="" is true, it will select all users instead of just one.
Thanks anon, I'm in the middle of setting up a database using mamp just to check this stuff out and learn a little. I actually have a project due next month on this type of thing so it'll come in useful :)
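For a local test setup like the one mentioned above, here is the concatenated login query from the thread next to a parameterized version with hashed passwords. This is an added example, not code posted by anyone in the thread. Assumptions: the table layout, the function names login_concat and login_prepared, the sample accounts, PDO in place of the mysql_query call (removed in PHP 7), and an in-memory SQLite database so it runs without a server.

```php
<?php
// Added example. Table layout, names and accounts are constructed for the demo.
// SQL string literals use apostrophes, the variant the thread also mentions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT,
           password TEXT, password_hash TEXT)');

// Constructed sample accounts; the first row plays the "first added user".
// The plaintext column exists only to mirror the query quoted in the thread.
$add = $db->prepare(
    'INSERT INTO users (username, password, password_hash) VALUES (?, ?, ?)');
foreach ([['admin', 'constructed-admin-pw'], ['anon', 'constructed-anon-pw']] as [$u, $p]) {
    $add->execute([$u, $p, password_hash($p, PASSWORD_DEFAULT)]);
}

// The thread's pattern: user input is pasted into the SQL text, so quote
// characters in the input become part of the WHERE clause.
function login_concat(PDO $db, string $login, string $password): ?string {
    $sql = "SELECT username FROM users WHERE username='" . $login
         . "' AND password='" . $password . "'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['username'] : null;   // first matching row wins
}

// Hardened: the input is bound as data and never parsed as SQL, and the
// password is verified against a stored hash instead of compared in SQL.
function login_prepared(PDO $db, string $login, string $password): ?string {
    $stmt = $db->prepare(
        'SELECT username, password_hash FROM users WHERE username = ?');
    $stmt->execute([$login]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row && password_verify($password, $row['password_hash'])) {
        return $row['username'];
    }
    return null;
}

$probe = "' or ''='";  // apostrophe form of the string quoted in the thread
var_dump(login_concat($db, $probe, $probe));                   // always-true WHERE clause
var_dump(login_prepared($db, $probe, $probe));                 // same input, bound as data
var_dump(login_prepared($db, 'anon', 'constructed-anon-pw'));  // a genuine login
```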