In this tutorial we will learn how anyone can hack a shopping website database and extract credit card information(s) of their Customers. This tutorial only for education purpose.
Required things.
How to find vulnerable sites?
Exploiting and dumping data
Enjoy | Follow us for more...
Required things.
- Havij 1.16 Pro (or higher)
- SQLi-DB
- Carding Dorks(CLICK)
- Vulnerable Sites
How to find vulnerable sites?
- To find vulnerable sites, you need to use the SQLi-DB and the carding dorks.
- Copy one of the dorks and paste it in SQLi-DB
- Set up the setting and click on the "scan" button
- Once you the scanning starts, the result will be shown in the textboxt as below
- Click on Vulnerable to filter the result and only show the vulnerable results
Exploiting and dumping data
- Now, you need to run Havij as administrator and follow the steps below
- Paste the vulnerable site in the target TextBox on Havij and click Analyze
- Once the process finished, you will see something (databse) on your Havij log box
- Click on Tables>Get Tables and you will see all the tables that are in the database
- Now, look for a table named "Orders" or something similar. Tick the table and click on Get Columns
- You will get the columns that are in the table "Orders". Now tick on something that related to credit cards information, such as cc_number , cc_type , cc_expired_year , cc_expired_month , and cvv or cvv2. Once you're done, click on Get Data
- Just wait for the dumping progress and you will get the informations
Enjoy | Follow us for more...
No comments:
Post a Comment