
Thursday, January 14, 2016

How to Hack Website Using Sql Map in Kali Linux - Sql Injection



In this tutorial I'm going to explain how to hack a website using sqlmap. sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. This tool is available in Kali Linux (Hacker's OS).


Let's start with Kali Linux,


Kali Linux


First off, you need to have Kali Linux (or BackTrack) up and running on your machine. Any other Linux distro might work, but you'll need to install sqlmap on your own. If you don't have Kali Linux installed, you might want to go to this page: An Introduction to Hacker's OS Kali Linux and Installation Tutorial

Suggested reading: Kali Linux Tutorial: Find Vulnerabilities for Any Website Using Nikto


Sqlmap


Basically it's just a tool to make SQL injection easier. Their official website introduces the tool as - "sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections."
A lot of features can be found on the sqlmap website, the most important being - "Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems." That's basically all the database management systems. Most of the time you'll never come across anything other than MySQL.

Hacking Websites Using Sqlmap in Kali Linux

Sql Version


Boot into your Kali Linux machine. Start a terminal, and type -
 sqlmap -h
It lists the basic commands that are supported by sqlmap. To start with, we'll execute a simple command, sqlmap -u <URL to inject>. In our case, it will be -

 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1
Sometimes, using the --time-sec option helps to speed up the process, especially when the server responses are slow.
 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --time-sec 15
Either way, when sqlmap is done, it will tell you the MySQL version and some other useful information about the database.


Note: Depending on a lot of factors, sqlmap may sometimes ask you questions which have to be answered in yes/no. Typing y means yes and n means no. Here are a few typical questions you might come across-
  • Some message saying that the database is probably MySQL, so should sqlmap skip all other tests and conduct MySQL tests only. Your answer should be yes (y).
  • Some message asking you whether or not to use the payloads for specific versions of MySQL. The answer depends on the situation. If you are unsure, then it's usually better to say yes.
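
Seen from the server's side, a scan like the one above is noisy, and the site owner can spot it in the web server's access log. The following is an added example, not part of the original tutorial or of sqlmap: a small detector that assumes Combined Log Format and flags the tool's default User-Agent as well as SQL fragments in query parameters. The log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Combined Log Format: ip - - [ts] "METHOD target PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# SQL fragments that have no business in a numeric parameter such as cat=1.
SQLI_TOKENS = re.compile(
    r"union\s+(all\s+)?select|information_schema|sleep\s*\(|benchmark\s*\(|"
    r"\bor\s+\d+\s*=\s*\d+|\band\s+\d+\s*=\s*\d+|--|/\*",
    re.IGNORECASE,
)

def classify(line):
    """Return the reasons an access-log line looks like SQL injection probing."""
    m = LOG_RE.match(line)
    if not m:
        return ["unparsed"]
    reasons = []
    if "sqlmap" in m["ua"].lower():      # the default User-Agent names the tool
        reasons.append("sqlmap-user-agent")
    query = urlsplit(m["target"]).query
    for name, value in parse_qsl(query, keep_blank_values=True):  # URL-decodes
        if SQLI_TOKENS.search(value):
            reasons.append(f"sql-in-param:{name}")
    return reasons

def suspicious_sources(lines):
    """Map client IP -> number of flagged requests."""
    counts = {}
    for line in lines:
        m = LOG_RE.match(line)
        if m and classify(line):
            counts[m["ip"]] = counts.get(m["ip"], 0) + 1
    return counts

# Constructed sample lines (not captured traffic); the IPs are documentation ranges.
SAMPLE = [
    '198.51.100.7 - - [14/Jan/2016:10:00:01 +0000] "GET /listproducts.php?cat=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [14/Jan/2016:10:00:05 +0000] "GET /listproducts.php?cat=1%20AND%201%3D1 HTTP/1.1" 200 5120 "-" "sqlmap/1.0 (http://sqlmap.org)"',
    '203.0.113.9 - - [14/Jan/2016:10:00:06 +0000] "GET /listproducts.php?cat=1%20UNION%20ALL%20SELECT%20NULL--%20- HTTP/1.1" 200 4100 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    print(suspicious_sources(SAMPLE))
```

The User-Agent check only catches unmodified tooling, so the parameter check is the one to rely on; tune the token list against your own legitimate traffic before alerting on it.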

Enumeration

Database

In this step, we will obtain database name, column names and other useful data from the database.


So first we will get the names of available databases. For this we will add --dbs to our previous command. The final result will look like -
 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --dbs

So the two databases are acuart and information_schema.

Table

Now we are obviously interested in the acuart database. Information schema can be thought of as a default table which is present on all your targets, and contains information about the structure of databases, tables, etc., but not the kind of information we are looking for. It can, however, be useful on a number of occasions. So, now we will specify the database of interest using -D and tell sqlmap to list the tables using the --tables option. The final sqlmap command will be-
 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables
The result should be something like this - 


Now we have a list of tables. Following the same pattern, we will now get a list of columns.

Columns

Now we will specify the database using -D, the table using -T, and then request the columns using --columns. I hope you guys are starting to get the pattern by now. The most appealing table here is users. It might contain the usernames and passwords of registered users on the website (hackers always look for sensitive data).
The final command must be something like-
 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users --columns

The result would resemble this-


Data

If you were following along attentively, you would expect that we will now be getting data from one of the columns. While that hypothesis is not completely wrong, it's time we go one step ahead. Now we will be getting data from multiple columns. As usual, we will specify the database with -D, table with -T, and column with -C. We will get all data from the specified columns using --dump. We will enter multiple columns and separate them with commas. The final command will look like this.
 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C email,name,pass --dump

Here's the result


You are done,

John Smith, of course. And the password is test. Email is email@email.com?? Okay, nothing great, but in real-world web pentesting, you can come across more sensitive data. Under such circumstances, the right thing to do is mail the admin of the website and tell him to fix the vulnerability ASAP. Don't get tempted to join the dark side. You don't look pretty behind bars. That's it for this tutorial. Try to look at other columns and tables and see what you can dig up. Thank you.
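
What "fix the vulnerability" means in practice, as an added example that is not code from the test site or from the original tutorial: the same lookup written with string concatenation and then with type validation plus a bound parameter. An in-memory SQLite database stands in for the site's MySQL backend; the products schema, the function names and the hostile input are assumptions constructed for illustration, while the users row is the one shown in the dump above.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the site's database (schema is an assumption)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products (id INTEGER, cat INTEGER, title TEXT);
        CREATE TABLE users (name TEXT, email TEXT, pass TEXT);
        INSERT INTO products VALUES (1, 1, 'poster'), (2, 2, 'print');
        INSERT INTO users VALUES ('John Smith', 'email@email.com', 'test');
    """)
    return db

def list_products_vulnerable(db, cat):
    # BEFORE: the request parameter is concatenated into the SQL text, so the
    # parameter can change the structure of the query.
    sql = "SELECT id, title FROM products WHERE cat = " + cat
    return db.execute(sql).fetchall()

def list_products_fixed(db, cat):
    # AFTER: validate the type, then bind the value. The driver passes it as
    # data, so it can never become SQL syntax.
    try:
        cat_id = int(cat)
    except (TypeError, ValueError):
        return []                       # hypothetical policy: treat as no match
    return db.execute(
        "SELECT id, title FROM products WHERE cat = ?", (cat_id,)
    ).fetchall()

# Constructed hostile value for the cat parameter.
HOSTILE = "1 UNION SELECT name, pass FROM users"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", list_products_vulnerable(db, HOSTILE))  # leaks a users row
    print("fixed:     ", list_products_fixed(db, HOSTILE))       # empty list
    print("normal use:", list_products_fixed(db, "1"))
```

In PHP the equivalent change is a prepared statement with a bound parameter (PDO or mysqli) instead of building the query string from $_GET.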
