Today, I will show you how to find SQL injection in your server and test exploiting it in BackBox Linux using the Tnscan tool. This method lets you extract a website's SQL injection vulnerabilities together with their paths.
What is SQL injection (SQLi)?
SQL Injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that control a web application’s database server (also commonly referred to as a Relational Database Management System – RDBMS). Since an SQL Injection vulnerability could possibly affect any website or web application that makes use of an SQL-based database, the vulnerability is one of the oldest, most prevalent and most dangerous of web application vulnerabilities.
What is sqlmap?
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches ranging from database fingerprinting, through data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Video tutorial: How to find SQL injection in your server and test exploiting it
Download the tnscan tool
To run the script: python tnscan.py 127.0.0.1
To start finding SQLi: choose option 8 and press Enter
Enjoy 😉
Thanks for watching the video ^_^
Good luck