Hey guys i'm looking to crack a websites database to get a list of the emails signed up to it's forum service.
It looks as if they are using Phpbb but i can't be completely sure.
So far i have tryed to sqlmap them but it came back with no sql injection opportunities.
Any other ideas?
Thanks
Forum Thread: Ways to Read Websites Database
- Hot
- Active
-
Forum Thread: How to Track Who Is Sms Bombing Me . 4 Replies
1 mo ago -
Forum Thread: Removing Pay-as-You-Go Meter on Loan Phones. 1 Replies
1 mo ago -
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 3 Replies
2 mo ago -
Forum Thread: moab5.Sh Error While Running Metasploit 17 Replies
3 mo ago -
Forum Thread: Execute Reverse PHP Shell with Metasploit 1 Replies
4 mo ago -
Forum Thread: Install Metasploit Framework in Termux No Root Needed M-Wiz Tool 1 Replies
5 mo ago -
Forum Thread: Hack and Track People's Device Constantly Using TRAPE 35 Replies
5 mo ago -
Forum Thread: When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen. 8 Replies
6 mo ago -
Forum Thread: HACK ANDROID with KALI USING PORT FORWARDING(portmap.io) 12 Replies
6 mo ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
7 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
9 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
9 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
9 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
9 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
9 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
9 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
10 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
10 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
11 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
11 mo ago
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How To: Enumerate SMB with Enum4linux & Smbclient
-
Hack Like a Pro: Denial-of-Service (DoS) Tools & Techniques
-
How To: Automate Wi-Fi Hacking with Wifite2
-
Rainbow Tables: How to Create & Use Them to Crack Passwords
-
How To: Find Vulnerable Webcams Across the Globe Using Shodan
-
How To: Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
Hack Like a Pro: How to Find Directories in Websites Using DirBuster
-
Steganography: How to Hide Secret Data Inside an Image or Audio File in Seconds
-
How To: Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To: Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To: Set Up a Wi-Fi Spy Camera with an ESP32-CAM
-
How to Hack Wi-Fi: Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To: Use Metasploit's Database to Stay Organized & Store Information While Hacking
-
How To: Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)
-
How To: Hack WiFi Using a WPS Pixie Dust Attack
-
How To: Hack Wi-Fi Networks with Bettercap
-
How To: Track Wi-Fi Devices & Connect to Them Using Probequest
-
How To: Find Passwords in Exposed Log Files with Google Dorks
-
How To: Fuzz Parameters, Directories & More with Ffuf
3 Responses
Reconnaisance is key to any good hack.
Information is power; how are you meant to know which hack to use if you don't even know whether the board is using phpBB or not?
ghost_
Yes! Thanks for the answer, i think you're right.
I'll get to it.
Anything in particular i should watch out for?
SQL injections aren't the only way to achieve what you want. You could also steal the administrator session with XSS for example.
Share Your Thoughts