Lol Have you ever wanted to explore the inside of a website? :D - TopicsExpress



          

Lol Have you ever wanted to explore the inside of a website? :D

This I wrote for fun. I tested it on a website that I had permission to test. If you take a webpage over, it's on you, not me.

Type the below in a Google Search :D O yeah

.php?id=

And you can type a random number. This will find a vulnerable site.

We have to then test the site to see if we can get in via SQL injection. We do this by trying to generate an error code by entering in the address bar of the site etc. We try to generate an error message: right after the number it generates on the address bar, enter in an apostrophe (') after the last number and hit enter. If you get an error, the site is hackable.

Pay attention to the error message to see if they give you a location of the database. Copy the message for later use; can be very handy for an OS Shell attack.

Then take the apostrophe off and copy the whole URL (sample).

Open a terminal and type

sqlmap -h

very handy -h. And works fine with the use of tor, and running a dynamic proxy chain is fine too to prevent any DNS leaks.

Open terminal, type

sqlmap -u (URL) --dbs

this will check for the above sqlmap -h

Try to find something like users or names etc from the list, or look for something obvious.

Now in terminal, or up arrow

sqlmap -u (URL) -D (databasename) --tables

Keep running the above from the list until you get a hit. Once we get in there and get the table, the commands will change, like

sqlmap -u (URL) -D (databasename) -T --columns

This is where you will be getting into the good stuff. JDEVIL

If you can get the email info? Get their email; this is great to use to inject a reverse shell, payload, etc and then you are there. You can do it all with their email by sending payloads and then opening up their email to open the malicious document lol

sqlmap -u (URL) -D (databasename) -T (table) -C username,password,usertype,email --dump

If you get a hash for a password you can in terminal

hash-identifier HASH (hash)

Just info: if it has the colon, the first part is the hash, 2nd part is the salt.

Sometimes you can open up the page source and find info or errors to see what the site is powered by and written in. You can type in the address and do a /admin/ to find the admin page and also open up the page source on this window as well.

You can play with sql, it's tons of tools all in one

sqlmap (url) --os shell or sqlmap (url) --os-pwn etc

for testing, just to see, rare thing when it works but trying for fun. All the tools are preinstalled in Kali.

Mon Long Ty Mcmurtry Whats up ?llololol
Posted on: Fri, 03 Oct 2014 22:55:38 +0000
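
The apostrophe test described in the post only produces an error when the id value is concatenated into the SQL text and the database error is echoed back to the visitor. As an added example (not code from the post), this Python/sqlite3 code shows such a handler beside a hardened one; the table, the function names and the sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data standing in for a site's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO articles VALUES (?, ?)",
                     [(1, "Welcome"), (2, "Contact")])
    return conn

def page_vulnerable(conn, raw_id):
    """Before: the id parameter is pasted into the SQL text and the
    driver's error message is returned to the visitor."""
    try:
        row = conn.execute(
            "SELECT title FROM articles WHERE id = " + raw_id).fetchone()
    except sqlite3.Error as exc:
        return 500, "Database error: " + str(exc)  # leaks parser detail
    return (200, row[0]) if row else (404, "Not found")

def page_hardened(conn, raw_id, log):
    """After: validate the id, bind it as a parameter, and keep any
    error detail in the server-side log only."""
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 9):
        log.append("rejected id parameter: %r" % raw_id)  # useful for detection
        return 400, "Bad request"
    try:
        row = conn.execute(
            "SELECT title FROM articles WHERE id = ?", (int(raw_id),)).fetchone()
    except sqlite3.Error as exc:
        log.append("query failed: %s" % exc)
        return 500, "Internal error"  # generic body, no database detail
    return (200, row[0]) if row else (404, "Not found")

if __name__ == "__main__":
    db, server_log = make_db(), []
    for value in ("1", "1'"):  # a normal id, then the trailing apostrophe
        print(repr(value), page_vulnerable(db, value),
              page_hardened(db, value, server_log))
    print(server_log)
```

The rejected-parameter log entries are the defender's signal: repeated non-numeric id values from one client are worth alerting on.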
