ok there is this site ending with index1.php how do i extract data from its servers
Forum Thread: How Do I Extract Data from a Website
- Hot
- Active
-
Forum Thread: HACK ANDROID with KALI USING PORT FORWARDING(portmap.io) 12 Replies
2 days ago -
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 2 Replies
3 wks ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
3 wks ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
2 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
2 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
2 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
3 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
3 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
3 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
3 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
3 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
4 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
4 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
5 mo ago -
Forum Thread: How to Find Admin Panel Page of a Website? 13 Replies
6 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
6 mo ago -
Forum Thread: How to Hack School Website 11 Replies
6 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
6 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
7 mo ago -
Forum Thread: Hacking with Ip Only Part [1] { by : Mohamed Ahmed } 5 Replies
8 mo ago
-
How To: Brute-Force FTP Credentials & Get Server Access
-
How To: Hunt Down Social Media Accounts by Usernames with Sherlock
-
How To: Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To: Create a Persistent Back Door in Android Using Kali Linux:
-
How to Hack Wi-Fi: Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
Hacking Windows 10: How to Dump NTLM Hashes & Crack Windows Passwords
-
The Hacks of Mr. Robot: How to Send a Spoofed SMS Text Message
-
How To: Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To: Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To: Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To: Find Vulnerable Webcams Across the Globe Using Shodan
-
How To: Use Ettercap to Intercept Passwords with ARP Spoofing
-
BT Recon: How to Snoop on Bluetooth Devices Using Kali Linux
-
Tutorial: Create Wordlists with Crunch
-
How To: Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To: Brute-Force Nearly Any Website Login with Hatch
-
How To: Spy on Traffic from a Smartphone with Wireshark
-
How To: Use Command Injection to Pop a Reverse Shell on a Web Server
9 Responses
You want to extract data from the backend database?
yes
That is a pretty generic question. There isn't any simple, nor single answer that would suffice. I would suggest that you start reading and learning first, so that you understand what you are doing and why you are doing it. A good place to start would be right here on this site.
Well said, David.
any tips?
If you want my opinion, I would start with the basics. There isn't any magical method to gain access. There are so many ways that may accomplish your goal (e.g. SQL Injection, exploitation of a vulnerable service, exploit an OS vulnerability, heck you may be able to simply alter the HTML form data and reset a password for a known user if the website offers that functionality). The point is that you must understand the basics before you can even begin to know what you can do.
That being said, if you are looking at concentrating on web applications and servers, OWASP offers an extensive amount of information with actual step-by-step instructions for testing different known vulnerabilities. In addition, they used to offer a vulnerable web application called Webgoat that allows you to practice. There are, as some of the posts here have pointed out, vulnerable and old versions of different operating systems that can be downloaded and used for practice. Set up a test lab (there are posts here on doing that). This is a great site to learn. Remember, the people here that are great at what do they do have invested the time; it takes lots of practice, they didn't get their knowledge over night.
My two cents anyway...
:-)
well if its a back-end database i dont know but its a 000webhost website my own site i wanted to test
Try using sqlmap.
ok
Share Your Thoughts