+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Website & Server Hacking (https://sinister.ly/Forum-Website-Server-Hacking)
+--- Thread: HOw to get somali-books.com customers info etc? (/Thread-HOw-to-get-somali-books-com-customers-info-etc)
HOw to get somali-books.com customers info etc? - aabee - 01-28-2013
Code:
Target: http://www.somali-books.com/Bookdetails.php?id=12
Host IP: 193.202.110.140
Web Server: Apache
Powered-by: PHP/5.3.20
DB Server: MySQL >=5
Resp. Time(avg): 81 ms
Current User: somali_books_co@srv140.one.com
Sql Version: 5.1.63-0+squeeze1
Current DB: somali_books_co
System User: somali_books_co@srv140.one.com
Host Name: mysql135
Installation dir: /usr/
DB User: 'somali_books_co'@'%'
Data Bases: information_schema
somali_books_coRE: HOw to get somali-books.com customers info etc? - Charon - 01-28-2013
You need to gain acces to their database, I'd suggest scanning the site. ( You can do this manually or automatic with Acunetix for example)
And if the site has any vulnerabilities exploit them! ( Be sure to stay save though!)
RE: HOw to get somali-books.com customers info etc? - 3SidedSquare - 01-29-2013
Look up "SQL injection", looks like you already have a vulnerable column, so just exploit the rest of the database.
Or use havij if you're lazy.
RE: HOw to get somali-books.com customers info etc? - i0xIllusi0n - 01-29-2013
(01-29-2013, 01:35 AM)3SidedSquare Wrote: Look up "SQL injection", looks like you already have a vulnerable column, so just exploit the rest of the database.
Or use havij if you're lazy.
Out of all the SQL Injection tools, Havij is the worst piece of shit I've seen.
RE: HOw to get somali-books.com customers info etc? - Bannedshee - 01-29-2013
(01-29-2013, 01:45 AM)i0xIllusi0n Wrote:(01-29-2013, 01:35 AM)3SidedSquare Wrote: Look up "SQL injection", looks like you already have a vulnerable column, so just exploit the rest of the database.
Or use havij if you're lazy.
Out of all the SQL Injection tools, Havij is the worst piece of shit I've seen.
Didn't you used to use that "piece of shit"?
RE: HOw to get somali-books.com customers info etc? - i0xIllusi0n - 01-29-2013
(01-29-2013, 01:46 AM)Cyber-Savage Wrote:(01-29-2013, 01:45 AM)i0xIllusi0n Wrote:(01-29-2013, 01:35 AM)3SidedSquare Wrote: Look up "SQL injection", looks like you already have a vulnerable column, so just exploit the rest of the database.
Or use havij if you're lazy.
Out of all the SQL Injection tools, Havij is the worst piece of shit I've seen.
Didn't you used to use that "piece of shit"?
I did. Never said I didn't.
RE: HOw to get somali-books.com customers info etc? - Bannedshee - 01-29-2013
(01-29-2013, 01:49 AM)i0xIllusi0n Wrote:(01-29-2013, 01:46 AM)Cyber-Savage Wrote:(01-29-2013, 01:45 AM)i0xIllusi0n Wrote:(01-29-2013, 01:35 AM)3SidedSquare Wrote: Look up "SQL injection", looks like you already have a vulnerable column, so just exploit the rest of the database.
Or use havij if you're lazy.
Out of all the SQL Injection tools, Havij is the worst piece of shit I've seen.
Didn't you used to use that "piece of shit"?
I did. Never said I didn't.
Don't you still use it?
RE: HOw to get somali-books.com customers info etc? - i0xIllusi0n - 01-29-2013
(01-29-2013, 01:55 AM)Cyber-Savage Wrote:(01-29-2013, 01:49 AM)i0xIllusi0n Wrote:(01-29-2013, 01:46 AM)Cyber-Savage Wrote:(01-29-2013, 01:45 AM)i0xIllusi0n Wrote:(01-29-2013, 01:35 AM)3SidedSquare Wrote: Look up "SQL injection", looks like you already have a vulnerable column, so just exploit the rest of the database.
Or use havij if you're lazy.
Out of all the SQL Injection tools, Havij is the worst piece of shit I've seen.
Didn't you used to use that "piece of shit"?
I did. Never said I didn't.
Don't you still use it?
No. I haven't used Havij since I joined DWG. Switched to SQLMap.