
How to Deface a Website with DroidSQLi


Hello bro, we meet again :v … this time I will share how to deface a website with DroidSQLi.

OK, let's get straight to it. The things to prepare:

2. A target. You can dork for one on Google yourself; here I will give 2 example dorks:

inurl:"index.php?id="

inurl:"data.php?id="

3. Patience :v

4. Coffee + cigarettes so you don't get bored :v (optional)

If everything is ready, go straight to the steps and follow them one by one:

1. Find a target that is vulnerable to SQLi. Please do the dorking on Google yourself.

You can add a single quote (') to the end of the URL to test whether the website is vulnerable. Example: www.target.com/index.php?id=3, then add the quote to get www.target.com/index.php?id=3' and press Enter. If an error appears, such as the message "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ...", this means that the website is vulnerable and we can deface it using DroidSQLi.

If it's not vulnerable, we can look for another website and do the same test.

2. Open the DroidSQLi application and enter your target in the "Destination URL" field.

Here is my target as an example: http://www.zuurbier.com/newsitem.php?id=32 ‘

Then press the inject button.


3. Let the app work on the target until it finishes. It will take some time; don't press anything, and above all don't exit the app.

Just sit back, drink your coffee and wait for the results.

4. When it finishes, the list of databases will appear.


5. Open a database, for example mine, [nrginl_zuurbier]. Don't choose [information_schema], because usually there is nothing in it.

6. Once it is open, a screen like the following will appear:


7. We need to find the admin data, usually found in table_admin or table_user; just look for the tables related to admin.

In my case the admin data happens to be in the users table (remember! Every website is different), so we just open it.

If that's right, the place where the admin data is stored will appear.


8. All you have to do is tick the admin data you want to retrieve; for example, I just tick everything and then click "Retrieve Records".


When it's done, the admin data is shown: id, username and password.

But the password is still hashed. What is a password hash? It is not the original password; the website owner has already hashed it into a random-looking string with a tool or website.

Relax!! Don't worry, we just need to reverse the hash to get the original password 😂, like this:

Click on this link: https://hashkiller.co.uk/md5-decrypter.aspx

Then there will be a screen like this:


Enter the password hash we found with DroidSQLi in the box on the left, enter the captcha to show you are not a robot haha, and then click "send".


If it works, the result is written in green; if it fails, it is written in red.


And it worked. Look at the original password I marked with an arrow in the picture below; only the green one matters, ignore the others.


Now that's all done; we need to find the admin login page to go on with the defacement. Search for it yourself 🙂 I don't know what the login location looks like :v.

If the login location is difficult to find …. you can search for it on Google yourself, or you can also look for an online tool or an admin login finder app. I haven't had time to find one, so for now just search on Google.

That's all from teacher. See you in the next hacking tutorial :D
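Seen from the server side, the quote test in step 1 works only because the `id` value is concatenated into the SQL text, and the hash lookup works only because the stored password hash is fast and unsalted. The following is an added example, not part of the original post, showing the concatenated query beside a validated, parameter-bound one and a salted slow password hash; an in-memory SQLite table stands in for the site's MySQL database, and all table and function names are hypothetical.

```python
import hashlib
import hmac
import os
import sqlite3

def make_db():
    # Constructed in-memory stand-in for the site's database (sample data).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO news VALUES (3, 'Sample item')")
    return db

def lookup_vulnerable(db, raw_id):
    # The 'before': request text is concatenated into the statement, so a
    # trailing quote reaches the SQL parser and its error reaches the client.
    try:
        row = db.execute("SELECT title FROM news WHERE id = " + raw_id).fetchone()
        return (200, row[0] if row else None)
    except sqlite3.Error as exc:
        return (500, str(exc))

def lookup_hardened(db, raw_id):
    # Reject anything that is not a short ASCII integer, then bind it as a
    # parameter so the value can never become part of the SQL text.
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 9):
        return (400, "bad request")
    try:
        row = db.execute("SELECT title FROM news WHERE id = ?",
                         (int(raw_id),)).fetchone()
    except sqlite3.Error:
        return (500, "internal error")  # detail belongs in the server log only
    return (200, row[0]) if row else (404, None)

def hash_password(password, salt=None, rounds=600_000):
    # Per-user random salt plus a slow KDF: equal passwords give different
    # records, so a precomputed hash lookup has nothing to match.
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, digest

def verify_password(password, salt, digest, rounds=600_000):
    # Recompute with the stored salt and compare in constant time.
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, digest)
```

With the hardened lookup, the request `id=3'` gets a generic 400 and never reaches the database, so there is no syntax error for a client to observe.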
