ok there is this site ending with index1.php how do i extract data from its servers
Forum Thread: How Do I Extract Data from a Website
- Hot
- Active
-
Forum Thread: When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen. 8 Replies
2 days ago -
Forum Thread: HACK ANDROID with KALI USING PORT FORWARDING(portmap.io) 12 Replies
1 wk ago -
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 2 Replies
1 mo ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
1 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
2 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
2 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
3 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
3 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
3 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
3 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
3 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
3 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
4 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
4 mo ago -
Forum Thread: How to Run and Install Kali Linux on a Chromebook 18 Replies
5 mo ago -
Forum Thread: How to Find Admin Panel Page of a Website? 13 Replies
6 mo ago -
Forum Thread: can i run kali lenux in windows 10 without reboting my computer 4 Replies
6 mo ago -
Forum Thread: How to Hack School Website 11 Replies
6 mo ago -
Forum Thread: Make a Phishing Page for Harvesting Credentials Yourself 8 Replies
6 mo ago -
Forum Thread: Creating an Completely Undetectable Executable in Under 15 Minutes! 38 Replies
7 mo ago
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Brute-Force Nearly Any Website Login with Hatch
-
How To: Find Vulnerable Webcams Across the Globe Using Shodan
-
How To: Use SQL Injection to Run OS Commands & Get a Shell
-
How To: Automate Wi-Fi Hacking with Wifite2
-
How To: Dox Anyone
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
BT Recon: How to Snoop on Bluetooth Devices Using Kali Linux
-
How To: Find Identifying Information from a Phone Number Using OSINT Tools
-
How To: Hack Apache Tomcat via Malicious WAR File Upload
-
How To: Enumerate SMB with Enum4linux & Smbclient
-
Hack Like a Pro: How to Find Directories in Websites Using DirBuster
-
How to Hack Wi-Fi: Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To: Find Anyone's Private Phone Number Using Facebook
-
How To: Scan Websites for Interesting Directories & Files with Gobuster
-
How To: Perform Advanced Man-in-the-Middle Attacks with Xerosploit
-
The Hacks of Mr. Robot: How to Spy on Anyone's Smartphone Activity
-
How To: Advanced Techniques to Bypass & Defeat XSS Filters, Part 1
-
Android for Hackers: How to Backdoor Windows 10 Using an Android Phone & USB Rubber Ducky
9 Responses
You want to extract data from the backend database?
yes
That is a pretty generic question. There isn't any simple, nor single answer that would suffice. I would suggest that you start reading and learning first, so that you understand what you are doing and why you are doing it. A good place to start would be right here on this site.
Well said, David.
any tips?
If you want my opinion, I would start with the basics. There isn't any magical method to gain access. There are so many ways that may accomplish your goal (e.g. SQL Injection, exploitation of a vulnerable service, exploit an OS vulnerability, heck you may be able to simply alter the HTML form data and reset a password for a known user if the website offers that functionality). The point is that you must understand the basics before you can even begin to know what you can do.
That being said, if you are looking at concentrating on web applications and servers, OWASP offers an extensive amount of information with actual step-by-step instructions for testing different known vulnerabilities. In addition, they used to offer a vulnerable web application called Webgoat that allows you to practice. There are, as some of the posts here have pointed out, vulnerable and old versions of different operating systems that can be downloaded and used for practice. Set up a test lab (there are posts here on doing that). This is a great site to learn. Remember, the people here that are great at what do they do have invested the time; it takes lots of practice, they didn't get their knowledge over night.
My two cents anyway...
:-)
well if its a back-end database i dont know but its a 000webhost website my own site i wanted to test
Try using sqlmap.
ok
Share Your Thoughts