Latest Exploits

Hacking websites using SQL Helper.

, Posted by Sahil™ at 1/14/2010 02:24:00 AM

Well as we know the term sql injection is the term which we use to hack web sites but for that we must know the some codes exploits and issue in web sites for that we have to spent lots of time on that moreover we must have good knwoledge of sql database too
but if any body dnt know the sql and how to inject the site with in sql i have an option for that kinda innocent people liek me lol
anyway just on the start up of my post i just wanna say we can hack and inject any site with out involving in the hard coding and etc with the help of sql helper

Here We Start :-


first you need to find the potential website that you think it might be possible to hack it. Remember that some websites are simply uncrackable/unhackable

Check if your website can be hacked by trying to go this address :
http://encycl.anthropology.ru/article.php?id='1 <------ notice the ' before the number 1.

You will get this:
Query failedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1 ORDER BY lastname' at line 1 SELECT * FROM person_old WHERE id=\'1 ORDER BY lastname

This mean that this website can be hacked because you get an error.


so now you have a site which can be hacked good now download sql helper software

i am giving you SQLHelper version 2.7 if u find latest version or anything further come on with bang :)

Download link :- http://uploading.com/files/VT1KFQHF/SQLIHelperV.2.7.rar.html
 Now open the SQL HELPER
and paste the link :- http://encycl.anthropology.ru/article.php?id=1

Hit the Target button
Now you should wait until the tool finish searching for columns . Time may vary depending on your connection speed , your pc speed , and the number of columns in the website.
So now you should have this:-

 

select any element from the "database name" box and press the Get tables button




then select any element from the "table name" box and press the "Get columns" button , I will select "user":

 

now click on dump now
and dan select the user and pasy from whle database



after doing the above step u will get the admin in hash content
just like dat!


Use any hash converter site to convert this hash into layman language
like www.milw0rm.com

if you have any query please feel free to comment in comment box.

Bookmark and Share

Currently have 0 comments:

Leave a Reply

Post a Comment