♻Credit cards can be hacked by two methods( what I know)
1. By spamming.
2. By using Database hacking techniques( SQL injection, cross site scripting, Remote file Inclusion)
♻In this tutorial I will teach you Database hacking by SQL injection (I will use SQLi from now).
⚠Note Databases are like excel so don't be confused if I talk about rows and columns.
Things you will need
1⃣Havij SQL injection Tool
2⃣A SQL vulnerable site
3⃣A very important thing you will need: your mind
Checking for SQL vulnerability
♻Now to check if a site is vulnerable to a verbose SQL injection, a hacker will simply add ‘ (apostrophe) after the site url like this:
http://site.com/products.php?id=2′
and the hacker will get this error on the site
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\” at line 1
♻It means that site is vulnerable to SQL injection.
Exploiting the vulnerable site
♻Open Havij and paste site url in target field and hit enter.Now wait for Havij to get all the databases of the website.Now the hacker clicks on available database of site and click on Get Tables.
♻By clicking Get Tables Havij will look after the tables available in the database.Now after the scanning Havij will get all tables, now the main work will start , you must check if the table available with a name that has something to do with credit card, financial details,usually its in the table orders.
select it and then click on Get Columns.
♻Now after clicking Get Columns havij will get all the columns available in orders table. You might find different columns like country, name, credit card number and many more.Now select the columns and click on Get Data.
♻Now havij will look after the data available in the column and dump it. This data is the credo card info. You can use havij to dump other colums like username and password if available
No comments:
Post a Comment