How to Hack a Website in Backtrack / Kali Linux

Hack a Website in Backtrack / Kali Linux

Kali Linux / Backtrack

First off, you need to have Kali linux (or backtrack) up and running on your machine. Any other Linux distro might work, but you'll need to install Sqlmap on your own. Now if you dont have kali Linux or backtrack the download links will be posted at the bottom of this post. You also need to search and scan for a vulnerable website GO HERE.

Sqlmap

Basically its just a tool to make Sql Injection easier. Their official website  introduces the tool as -"sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections."
A lot of features can be found on the SqlMap website, the most important being - "Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems." That's basically all the database management systems. Most of the time you'll never come across anything other than MySql. 

OK NOW LET'S START!!

1)Boot into your Kali linux machine. Start a terminal, and type 
sqlmap -h

2) It lists the basic commands that are supported by SqlMap.
To start with, we'll execute a simple command
sqlmap -u <URL to inject>. In our case, it will be
sqlmap-u http://testphp.vulnweb.com/listproducts.php?cat=1

3) Sometimes, using the --time-sec helps to speed up the process, especially when the server responses are slow.
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --time-sec 15

Either ways, when sqlmap is done, it will tell you the Mysql version and some other useful information about the database.

The final result of the above command should be something like this.
Note: Depending on a lot of factors, sqlmap my sometimes ask you questions which have to be answered in yes/no. Typing y means yes and n means no. Here are a few typical questions you might come across-
  • Some message saying that the database is probably Mysql, so should sqlmap skip all other tests and conduct mysql tests only. Your answer should be yes (y).
  • Some message asking you whether or not to use the payloads for specific versions of Mysql. The answer depends on the situation. If you are unsure, then its usually better to say yes.

Enumeration

Database

In this step, we will obtain database name, column names and other useful data from the database.
List of  a few common enumeration commands
So first we will get the names of available databases. For this we will add --dbs to our previous command. The final result will look like 
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --dbs

 So the two databases are acuart and information schema.

Table

Now we are obviously interested in acuart database. Information schema can be thought of as a default table which is present on all your targets, and contains information about structure of databases, tables, etc., but not the kind of information we are looking for. It can, however, be useful on a number of occasions. So, now we will specify the database of interest using -D and tell sqlmap to enlist the tables using --tables command. The final sqlmap command will be

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables

The result should be something like this -
Database: acuart
[8 tables]
+-----------+    | artists   |
| carts     | 
| categ     |
| featured  |
| guestbook |
| pictures  |
| products  |
| users     |
+-----------+

Now we have a list of tables. Following the same pattern, we will now get a list of columns.

Columns

Now we will specify the database using -D, the table using -T, and then request the columns using --columns. I hope you guys are starting to get the pattern by now. The most appealing table here is users. It might contain the username and passwords of registered users on the website (hackers always look for sensitive data).
The final command must be something like
sqlmap -u http://testphp.vulnweb.com/listproducts.phpcat=1 -D acuart -T users --columns


The result would resemble this-

Data

Now, if you were following along attentively, now we will be getting data from one of the columns. While that hypothesis is not completely wrong, its time we go one step ahead. Now we will be getting data from multiple columns. As usual, we will specify the database with -D, table with -T, and column with -C. We will get all data from specified columns using --dump. We will enter multiple columns and separate them with commas. The final command will look like this.

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C email,name,pass --dump


Here's the result



4 comments :

  1. Computer Expert Hackers: How To Hack A Website In Backtrack / Kali Linux >>>>> Download Now

    >>>>> Download Full

    Computer Expert Hackers: How To Hack A Website In Backtrack / Kali Linux >>>>> Download LINK

    >>>>> Download Now

    Computer Expert Hackers: How To Hack A Website In Backtrack / Kali Linux >>>>> Download Full

    >>>>> Download LINK

    ReplyDelete

  2. Certain hacking processes for both laptops and phones can help track down everything your partner types. You can also try hiring TOMCYBERGHOST@GMAIL.COM monitoring that will give you complete access to their device. It can be the ultimate tech to bust your cheating spouse. However, keep in mind that these assistance are an infringement of privacy and can have legal ramifications.

    ReplyDelete

  3. I won’t stop recommending tomcyberghost@gmail.com for the great work I had noticed that my husband had been cheating on me but I never for once thought it could be with my best friend cause we talked every day and always together whenever I was not at work and I told her many things about my family not knowing my husband and she takes advantage of my absence whenever I leave for work I tried using different tracking apps but didn’t get what I wanted. But with the help of this hacker, I gained access to my husband’s phone.

    ReplyDelete
  4. You can reach out for some hacking assistance from this software genius hacker at Tomcyberghost@gmail.com if you're having infidelity issues in your relationship and wish to expose your cheating partner, if your funds are hanging in online trading platforms like expert-option, cal financial, Analyst, coin spot, Ctx Prime and many more, he fixes and improve credit score, hack on at the base server, hacks all social media accounts as well, his services are legit and affordable, you can also reach him through email and also on Text/WhatsApp +1 (404) 941-6785, he's a legit and reliable hacker, his customer service and efficiency is top notch.

    ReplyDelete