Hello! Today I will show you how to perform SQL injection and grab the USR and PSW with the jSQL software (on Kali Linux).
For this tutorial I will use the official Acunetix vulnerability site.
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL is free, open source and cross-platform (Windows, Linux, Mac OS X, Solaris).
[1] We need a vulnerable site (you can use Google dorks for SQL to find vuln sites).
So anyway, what we're looking for is a page that ends with
id=1 or ID=any number you want.
Now you see the Acunetix vuln site is: . Click on artists and look at the site URL, then click on r4w8... now you see a page that ends with artist=1
[Image: Screenshot-from-2022-10-14-09-20-45.png]
[2] In the URL, after "artist=1", add this: ' --> artist=1'
And you will see a MySQL error!
[Image: Screenshot-from-2022-10-14-09-21-03.png]
[3] Open the jSQL tool, paste the URL (without the ' ) in the textbox and press ENTER.
If everything is OK you will see the database.
[Image: Screenshot-from-2022-10-14-09-22-19.png]
[4] Now we click on the first database and see the tables.
[Image: Screenshot-from-2022-10-14-09-22-41.png]
[5] We have the table "users". Click it and check the boxes for what you would like to see. I mark uname, email and password. Then right-click on the table USERS and ---> Load.
Now we are viewing the users' data.
[Image: Screenshot-from-2022-10-14-09-23-47.png]
[6] Go back to the site. Click on Signup in the left side menu and use the uname and pass from jSQL.
[Image: Screenshot-from-2022-10-14-09-26-32.png]
And done! Mission completed ..
[Image: Screenshot-from-2022-10-14-09-26-46.png]
If you like this tutorial I will make PT2 for DB dumping...
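
Why the single quote in step [2] produces a database error, and the fix that removes it, shown as an added example that is not part of the original post. SQLite stands in for MySQL, and the table layout, column names and function names are assumptions made for illustration.

```python
import re
import sqlite3


def make_db():
    # Constructed sample data; schema and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE artists (artist_id INTEGER PRIMARY KEY, aname TEXT)")
    db.executemany("INSERT INTO artists VALUES (?, ?)", [(1, "r4w8"), (2, "sample")])
    return db


def artist_vulnerable(db, artist_param):
    # The request value is pasted into the SQL text, so a stray quote
    # changes the statement itself instead of being treated as data.
    sql = "SELECT aname FROM artists WHERE artist_id = " + artist_param
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Showing the driver error on the page is what makes the flaw visible.
        return ("db_error", str(exc))
    return ("ok", row[0] if row else None)


def artist_hardened(db, artist_param):
    # 1) Accept only the type the page expects (a short decimal id).
    if not re.fullmatch(r"[0-9]{1,9}", artist_param):
        return ("rejected", None)
    # 2) Bind the value; the SQL text is constant and never contains user input.
    row = db.execute(
        "SELECT aname FROM artists WHERE artist_id = ?", (int(artist_param),)
    ).fetchone()
    return ("ok", row[0] if row else None)


if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):
        print(repr(value), artist_vulnerable(db, value), artist_hardened(db, value))
```

In the hardened version the quoted value never reaches the SQL parser, so there is no error to observe and no statement to alter. The application should also log database errors server-side rather than render them in the response.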