How to Hack a Database

Use SQL injection

Identify database weaknesses. You need to be good at handling database commands to be able to apply this method. First, open the database web interface login screen in your browser and type '(a single quote) into the user name field. Click 'Login'. If the error 'SQL Exception: quoted string not properly terminated' or 'invalid character' appears, this means the database is vulnerable to compromise. by SQL injection technique.

Find the number of columns. Return to the database login page (or any other URL ending in 'id=' or 'catid=') and click on the browser address bar. After the URL, press space and enter order by 1then press ↵ Enter. Increase number 2 and press ↵ Enter. Keep increasing until you get an error. The actual column number is the number entered before the number that the system reports an error.

Find columns that accept variables. At the end of the URL in the address bar, change catid=1or id=1to catid=-1or id=-1. Press space and enter union select 1,2,3,4,5,6(if there are 6 columns). You need to enter numbers increasing up to the total number of columns, and each column is separated by a comma. Press ↵ Enter, the number of each column will accept variables.

Inject SQL commands into columns. For example, if you want to know the current user and inject content into column 2, delete everything after the id=1 part in the URL and press space. Then, enter union select 1,concat(user()),3,4,5,6--and press ↵ Enter, the user name of the current database will display on the screen. Select the SQL command to get the information you need, such as a list of usernames and passwords to crack.

Crack the database's high-level password

Try logging in as a super user with the default password. Some databases do not have a super password (admin) by default, so you can leave the password field blank. Others have default passwords that are easily found on database technical support forums.

Try common passwords. If the administrator protects the account with a password (which is very common), you can try common username/password combinations. Some hackers publicly post lists of passwords they crack using auditing tools. Try several username and password combinations.

The page https://github.com/danielmiessler/SecLists/tree/master/Passwords is famous for its many lists of passwords that hackers have collected.

Manually guessing a password can take time, but you can try it before applying more complicated methods because it doesn't cost anything.

Use a password checker. You can use many different tools to try thousands of combinations of vocabulary and characters/letters/numbers using brute force attacks until the password is cracked.

DBPwAudit (for Oracle, MySQL, MS-SQL, and DB2) and Access Passview (for MS Access) are popular password auditing tools that can work on most databases. You can also Google newer password checkers that are specific to certain databases. For example, if you are hacking an Oracle database then search for the keyword password audit tool oracle db.

If you have an account on the server hosting the database, you can execute a hashing tool like John the Ripper to decrypt the database's password file. The location of the hash file will vary from database to database.

Only download tools from sites you trust. Do some research online about the tool you choose before using it.

Database attack.

Find exploits to execute. Sectools.org is a website that compiles a list of security tools (including exploits) that have been in operation for over ten years. Their tools are quite reputable and are used by many system administrators around the world to test network security. Browse their 'Exploitation' directory (or other reputable site) to find tools or text files that can help you attack database vulnerabilities.

Another site providing exploits is www.exploit-db.com. Visit the website above and click the Search link to search for the type of database you want to hack (such as 'oracle'). Enter the Captcha code in the box provided and search.

You need to carefully research all exploits you will try to be able to manage in case problems arise.

Find vulnerable networks to access (wardriving). Wardriving is the act of driving (or even cycling or walking) around an area and using a network scanning tool (like NetStumbler/Kismet) with the intention of finding unsecured networks. Basically, this behavior does not violate the law. But arbitrarily accessing the internet and doing illegal things is possible.

Use an exploit to attack the database from the network you just accessed. If you're planning on doing something you shouldn't, using your home network isn't a good idea. Find and access unsecured Wi-Fi, then attack the database with the exploit you have researched and selected.