SQL Injection Exploitation in Multiple Targets using Sqlmap

In this article we are going to perform sql injection attack on multiple target through sqlmap In the tutorial I had used two buggy web dvwa and Acurat (vulweb.com).  Start dvwa  and select sql injection vulnerbility here type user ID and click on submit, now copy the url. Start kali linux then create a text… Continue reading →
The post SQL Injection Exploitation in Multiple Targets using Sqlmap appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/sql-injection-exploitation-multiple-targets-using-sqlmap/

Sql Injection Exploitation with Sqlmap and Burp Suite (Burp CO2 Plugin)

Burp CO2 is an extension for the popular web proxy / web application testing tool called Burp Suite, available at Portswigger. You must install Burp Suite before installing the Burp CO2 extension. The CO2 extension includes a variety of functionality to enhance certain web penetration test tasks, such as an interface to make interacting with SQLMap more efficient and less… Continue reading →
The post Sql Injection Exploitation with Sqlmap and Burp Suite (Burp CO2 Plugin) appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/sql-injection-exploitation-sqlmap-burp-suite-burp-co2-plugin/

Brute Forcing Multiple Databases using HexorBase

HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL ). HexorBase allows packet routing through proxies or even metasploit pivoting antics to communicate with remotely… Continue reading →
The post Brute Forcing Multiple Databases using HexorBase appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/brute-forcing-multiple-databases-using-hexorbase/

Hack the Pentester Lab: from SQL injection to Shell VM

Today we are going to perform penetration testing in another lab, download it from here. Now install the iso image in VM ware and start it. The task given in this lab is to gain access of administration console and upload PHP webshell. Start your Kali Linux then open the terminal and type netdiscover command… Continue reading →
The post Hack the Pentester Lab: from SQL injection to Shell VM appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/hack-pentester-lab-sql-injection-shell-vm/

Exploiting the Webserver using Sqlmap and Metasploit (OS-Pwn)

This artilce is about how to use sqlmap for sql injection to hack victim pc and gain shell access. Here I had perform sql attack to gain three different type of  shell (meterpreter; command shell; VNC ) Requirement: Xampp/Wamp Server                                                                                                            DVWA Lab Kali Linux: Burp suite, sqlmap tool  Very first you need to install DVWA… Continue reading →
The post Exploiting the Webserver using Sqlmap and Metasploit (OS-Pwn) appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/exploiting-webserver-using-sqlmap-metasploit-os-pwn/

Web Penetration Testing Lab setup using XVWA

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security. It’s not advisable to host this application online as it is designed to be “Xtremely Vulnerable”. We recommend hosting this application in local/controlled environment and sharpening your application security ninja skills with any tools of your own… Continue reading →
The post Web Penetration Testing Lab setup using XVWA appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/web-penetration-testing-lab-setup-using-xvwa/

Command Injection Exploitation through SQL Injection using Sqlmap in DVWA

In this article we will see how to perform command injection using sqlmap and try to execute any cmd command through sqlmap if web server is having sql vulnerability.  Requirement: Xampp/Wamp Server                                                                                                            DVWA Lab Kali Linux: Burp suite, sqlmap tool              Very first you need to install DVWA lab in your XAMPP or WAMP server, read… Continue reading →
The post Command Injection Exploitation through SQL Injection using Sqlmap in DVWA appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/command-injection-exploitation-sql-injection-using-sqlmap-dvwa/

Meterpreter Shell uploading in DVWA using SQl Injection

This article is exactly same as previous article; today I will make use of sqlmap to upload backdoor filein DVWA suffering from sql injection vulnerbility. Requirement: Xampp/Wamp Server DVWA Lab Kali Linux: Burp suite, sqlmap tool Very first you need to install DVWA lab in your XAMPP or WAMP server, read full article from here Now… Continue reading →
The post Meterpreter Shell uploading in DVWA using SQl Injection appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/meterpreter-shell-uploading-dvwa-using-sql-injection/

Shell uploading through sql Injection using Sqmap in bWAPP

Multiple times you people have used sqlmap for sql injection to get database of web server. Here in this tutorial I will show you how to upload any backdoor if the website is suffering from sql vulnerability. Requirement: Xampp/Wamp Server bWAPP Lab Kali Linux: Burp suite, sqlmap tool Firstly you need to install bWAPP lab… Continue reading →
The post Shell uploading through sql Injection using Sqmap in bWAPP appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/shell-uploading-sql-injection-using-sqmap-bwapp/