HOW TO HACK/DEFACE/GET SENSITIVE DATA FROM SQL INJECTION ATTACK VECTOR!
WARNING: ONLY FOR EDUCATIONAL PURPOSES! I AM NOT RESPONSIBLE FOR ANY DAMAGE MADE BY YOU! YOU WILL END UP IN JAIL! AND YOUR A** WILL BE BEATEN! PLZ DON'T TRY THIS SHIT ON ANY SITE!!!! UNLESS YOU ARE AUTHORIZED BY THE ADMIN TO DO SO!
WHAT BASIC THINGS YOU NEED!
1. INTERNET AND SQL INJECTION VULNERABLE SITE!
2. ANY LINUX DISTRO WITH SQLMAP (FOR AUTOMATED TESTING)
3. BASIC COMMON SENSE!
HOW TO FIND IF THE SITE IS VULNERABLE!
There are many ways to find out if a site is vulnerable (I'm showing you the simplest ones).
1. If you see a URL of the form http://testphp.vulnweb.com/listproducts.php?cat=1, where cat=1 is the GET parameter, then the website may be vulnerable to this mode of SQL injection, and an attacker may be able to gain access to information in the database.
Note: the site I am testing is meant for testing purposes only, so it is legal to test this site!
2. Putting a ' or * sign at the end of the URL
For example http://testphp.vulnweb.com/listproducts.php?cat=1' OR
http://testphp.vulnweb.com/listproducts.php?cat=1*
If the site then shows an SQL syntax error, the value from the URL is reaching the query unescaped.
Hence the site is vulnerable!
You can see this in the picture given below.
3. Using sqlmap
Fire up your Linux machine and open up a terminal.
To install sqlmap, type:
sudo apt-get install sqlmap
Now let's try to get the databases of the site!
Use the command:
sqlmap -u "http://testphp.vulnweb.com/listproducts.php?cat=1" --dbs
If the site is vulnerable, sqlmap will automatically show you the list of databases! :-)
We get the following output showing us that there are two available databases. Sometimes, the application will tell you that it has identified the database and ask whether you want to test other database types. You can go ahead and type ‘Y’. Further, it may ask whether you want to test other parameters for vulnerabilities, type ‘Y’ over here as we want to thoroughly test the web application.
We observe that there are two databases, acuart and information_schema.
Step 2: List information about Tables present in a particular Database
To try and access any of the databases, we have to slightly modify our command. We now use -D to specify the name of the database that we wish to access, and once we have access to the database, we would want to see whether we can access the tables. For this, we use the --tables query. Let us access the acuart database.
use command
sqlmap -u "http://testphp.vulnweb.com/listproducts.php?cat=1" -D acuart --tables
In the above picture, we see that 8 tables have been retrieved. So now we definitely know that the website is vulnerable. LOL
Step 3: List information about the columns of a particular table
If we want to view the columns of a particular table, we can use the following command, in which we use -T to specify the table name, and --columns to query the column names. We will try to access the table ‘artists’.
Step 4: Dump the data from the columns
Similarly, we can access the information in a specific column by using the following command, where -C can be used to specify multiple column names separated by commas, and the --dump option retrieves the data.
sqlmap -u "http://testphp.vulnweb.com/listproducts.php?cat=1" -D acuart -T artists -C aname --dump
From the above picture, we can see that we have accessed the data from the database. Similarly, on such vulnerable websites, we can literally explore the databases to extract information.
So here is the full step-by-step article about testing a site! Don't use it for unethical purposes, because sitting in a jail cell is not a good idea!!
Drop a comment if you liked it! :-)
keep supporting
note:
how to find some vulnerable sites for yourself
- php?id=(any Number)
- login.php?id=(any number)
- index.php?id=(any number)
search this on google .. a number of sites will appear choose any !