deco191
Penetration Lab Creator
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 2
1000 XP
First we start by opening SQLi dumper v.7
Now please delete all current dorks you have on dork box.
and open 2014 google dorks. Copy all and paste to dork box
no you can't start yet.
Now you want to go tools&setting tab and then proxy tab.
Now unstick "enable proxy".
Yes you're ready to start now.Go back to online scanner tab. But don't forgot "don't never change thread amount, always keep it like it is".
Go ahead and hit Start scanner. Now you see if dumper will start adding links.
Think that's it? No it's not even close to end. Now if all urls are scanned or if you stop after you have good amount of urls [etc lets say 100k urls or so]
Now click on Exploitables tab. What do you need to do here? NOTHING. click start exploiter and wait until urls have been scanned against exploit. Don't worrie there is more steps.
Now lets start with finding injectable sites. There is one note! Stick all unions!
and start analizer.
Got some injectable urls? COOOL .
Lets start looking for database to dump.
What you need to do is : right click on ulr and click "go dumper".
Found database? Cool.
What you need to do? Click on database and then click "get tables"
Got a lot of tables? Have no idea what to do now? Ehh i will explain obv.
Oki , now most common shit you want to find is "Users/User", "Memebers/Member" or "Customers/Cusomer" , something what have something to do with users. Found it? Wolaa cool, now go ahead and click on table and click "get columns" . Now you obv want to see users, pass or email, pass, or w.e is close to username/email and password.
Oh i found username and password, what i do now?
Now please delete all current dorks you have on dork box.
and open 2014 google dorks. Copy all and paste to dork box
no you can't start yet.
Now you want to go tools&setting tab and then proxy tab.
Now unstick "enable proxy".
Yes you're ready to start now.Go back to online scanner tab. But don't forgot "don't never change thread amount, always keep it like it is".
Go ahead and hit Start scanner. Now you see if dumper will start adding links.
Think that's it? No it's not even close to end. Now if all urls are scanned or if you stop after you have good amount of urls [etc lets say 100k urls or so]
Now click on Exploitables tab. What do you need to do here? NOTHING. click start exploiter and wait until urls have been scanned against exploit. Don't worrie there is more steps.
Now lets start with finding injectable sites. There is one note! Stick all unions!
and start analizer.
Got some injectable urls? COOOL .
Lets start looking for database to dump.
What you need to do is : right click on ulr and click "go dumper".
Found database? Cool.
What you need to do? Click on database and then click "get tables"
Got a lot of tables? Have no idea what to do now? Ehh i will explain obv.
Oki , now most common shit you want to find is "Users/User", "Memebers/Member" or "Customers/Cusomer" , something what have something to do with users. Found it? Wolaa cool, now go ahead and click on table and click "get columns" . Now you obv want to see users, pass or email, pass, or w.e is close to username/email and password.
Oh i found username and password, what i do now?
