Hello everyone, I need help with something.
About a week ago a cyber/gaming cafe opened near my school, there is WiFi ofcourse so i decided to snoop around the network with zANTI for Android. I found out there is a cash register or something like that connected, there are multiple remote hosts connected to it, after using password complexity audit with the http-get protocol i got a password and username Root/sa123456. When i press it Connectbot comes up and says "connecting to 192.168.56.1" something like that, after some time nothing happends. I still need to look around the network. The router that is being used is Cisco with 2 ports on it one is 80 and other one is 81.
When I open the 80 port it redirects me to the router login screen after trying multiple admin passwords it wouldn't connect to it. I also found out that the main pc is vulnerable to SQL attacks.
I would like to know is it possible to access the SQL database.
9 Responses
This is probably black hat. So it's illegal. Don't do that.
We do not promote or aid any black hat related activity. At the front page, you should see:
Null Byte
The aspiring white-hat hacker/security awareness playground
TRT
Right...
yes possible to access the sql database,check out Master OTW articles on db hacking.............
Dont do anything illegal
Its not illegal actually I know the owner of the place, his son is my friend and I have told him that I found some possible vulnrabilities, I have full permision from the owner himself.
You should check out the articles about database hacking.
Apply only if you have full permission. Don't do illegal stuff mr. Pantelija.
Then get a written contract by him stating that you can do this.
Get Kali Linux Live CD and boot into a computer that's on the LAN.Since it's a Cyber Cafe that won't be a problem right?Then just use Owasp zap on the 192.168.XXX.XXX or whatever is the Local Address of the main PC.Don't do anything illegal :)
What do i do after that?
Any tips
Share Your Thoughts