Monday, September 20, 2010

Hack a WebSite With sqli helper V2.7

0

In This Tut i Will Help u with hacking a Website
First Off all u Need
1.SQL Helper V2.7 (Google It)
2.Exploit Scanner
3.Havij For Admin Finder And MD5
4.Dorks If u want i can post them here


DOwnload some tools u may need....




Download them all at
or
or
or
or
password: www.reiluke.i.ph




lets Start xD

Open Exploit Scanner and Put at Dorks Space One Of Those
///////////////////////////////////////
trainers.php?id=
article.php?ID=
play_old.php?id=
declaration_more.php?decl _id=
Pageid=
games.php?id=
newsDetail.php?id=
staff_id=
historialeer.php?num=
product-item.php?id=
news_view.php?id=
humor.php?id=
communique_detail.php?id=
sem.php3?id=
opinions.php?id=
spr.php?id=
pages.php?id=
chappies.php?id=
prod_detail.php?id=
viewphoto.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
///////////////////////////////////////
Wait 1 Min and Sites Will Come Up After it Say's Finished press at Test
And Wait Another Minute xD
After that it will find a Vuln Sites Like This


DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

Test Some Site You Should Get this
Query failedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1 ORDER BY lastname' at line 1 SELECT * FROM person_old WHERE id=\'1 ORDER BY lastname


After Getting These That Mean The Site is Vuln
Open SQL Helper V2.7
Add The Site just like in the Picture
Add Target Then inject
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

Leave it one minute Till the Tool searching for columns . (Time may vary depending on your connection speed , your pc speed , and the number of columns in the website.)

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

Make sure that the website support union otherwise the injection won't work.
If u get this you are okay till now xD
Now We Will press Get DataBase
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm


Now select any element from the "database name" box and press the "Get tables" button , I will select "anthropo_encycl":
DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm




then select any element from the "table name" box and press the "Get columns" button , I will select "user":

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

then select any elements you want from the "columns name" box and press "Dump Now" , i will select "usr_login" and "usr_pass"

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

Then A Screen With Number Will POP up Dont Worry its Called MD5 u can see them online
http://www.md5crack.com/
But i prefer Havij cause its guarantee
So Hope u Like My Tut Thanks For Reading Remember say thanks xD



0 comments:

Post a Comment

 
Design by ThemeShift | Bloggerized by Lasantha - Free Blogger Templates | Best Web Hosting