Ad End 1 February 2024
Ad Ends 13 January 2025
Ad End 26 February 2025
ad End 25 April 2025
Ad Ends 20 January 2025
Ad expire at 5 August 2024
banner Expire 25 April 2025
Menu
What's new
By:
Filters
banner Expire 15 January 2025
banner Expire 20 October 2024
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

SQLi Dumper Tutorial

File_closed07

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
7,544
Reaction score
916
Points
212
Awards
2
  • trusted user
  • Rich User
SQLi Dumper Tutorial { Pics Included
~ By The End Of This, You'll Be Pumping Combo Lists No Issue ~

1. Downloading and Installing SQLI Dumper

This tutorial will be using SQLI Dumper v.9.0.
Your version might be different, but it will still work the same.


2. Proxies

Proxies can be found publicly via google or forums. If you want to get more advance look for a Proxy Scraper.

3. Dorks
Here is some information about Dorks and how to make them.

https://whatis.techtarget.com/definition...dork-query
https://en.wikipedia.org/wiki/Google_hacking
Dorks can also are found on Google and Forums alike.

4. Online Scanner

Getting vulnerable URLs using SQLI Dumper and Dorks.

Paste dorks:


View: https://i.imgur.com/6PBrGDt.png


Select what sites you want to grab URLs:


View: https://i.imgur.com/BwdoOvc.png


Then click "Start Scanner":


View: https://i.imgur.com/dbfohdP.png


URLs should start showing:


View: https://i.imgur.com/d6btqDD.png


5. Exploitables
Now that you have URLs in URLs Queue.
Goto Exploitables and click "Start exploiter".

6.Injectables.
Once you have a few URLs exploited.
Goto injectables and click "Start Analyzer"

You will start to see URLs select all of them and at the bottom it says
"Search Columns\Tables Names (MySQL and MS SQL) "
Enter what you want to search like so and click start:


View: https://i.imgur.com/HBVsCo0.png


A window should appear like so:


Now depending on the search mine was Email, Pass you will see

Search: Email
Rows: Number
[Number]Database.Column

In that column, If you searched Email it will look for a table with said name.
The number is how many rows(Lines) the table in the column has.
The password should have the same amount of Rows and match Database.Column .

Click and highlight the row you want to dump. Click the "Go To Dumper" drop-down button at the top then "New Dumper Instance":



7. Dumping
Once Dumper is open tick threads check box:



Then click and highlight the column and click "Get Columns"



Now look for the Table name you searched for and tick/check-mark them accordingly.
Then move Threads slider to 50 this will speed up dumping but will use more resources:



Once it's done click "Dump Data":

http://imgur.com/Z7ss9zW

Once dumping is finished click "Export Data":

http://imgur.com/lbOiE7U

Keep "Plaintext". Change "Delimiter" to "Custom :"
Then click Start and save to a location.

That's it you dumped a combo congratulations!!!!!


~ Some things can be done better in this tutorial ~

1. Getting URLs via "SQLI Dumper" is slow. You can get URLs through programs such as "Dork Searcher EZ"LINK "SQL MAP"LINK.

2. Using "SQLI Dumper" to dump rows is also slow you could speed this up using "SQL Map" LINK.

3. Learning how dorks can be private and public can make getting URLs easier. Resulting in higher quality combos.

4. You might run into some hashed passwords.
Most common way to crack hashed passwords is using "Hashcat"
Hash identify. Don't know what the hash is? Lookup using. https://hashc.co.uk/hashid
https://hashcat.net/hashcat/
https://en.wikipedia.org/wiki/Cryptograp...h_function

5. Running multiple instances.
Yes, you can dump more than one database at a time. Simply open another Dumper Instance.
The limit is your internet speed.

6. Make sure Email or Username is above password table. You can move them with the arrow buttons near "Dump Data". Failing this saving will be PASS:EMAIL and not EMAIL: PASS

7. If you get !~!1 it means the row is empty/null
 
You must log in or register to reply here.
Ad End 1 February 2024
Top