sql injection on android
sql injection on android

Disclaimer: Attacking a website’s database is highly illegal without prior mutual consent, MyHacker and App Developers Won’t be responsible for your actions. This Tutorial and Tool Is Just for Penetration Testing and Ethical Purposes. – SQL Injection on android

See Also: Android Hacking Tools Megapack (FREE DOWNLOAD)

SQL Injection On Android

  • First of all, you have to download an app named DroidSQLI (Download HERE)
  • Install the app on your android smartphone
  • Now you should have little knowledge of Google dorks.Here some of the Google dorks vulnerable to SQL injection:about.php?cartID=accinfo.php?cartId=

    acclogin.php?cartID=

    add.php?bookid=

     

    inurl:gallery.php?id=

    Here get 2000+ Dorks for SQL Injection (Download Google Dorks HERE)

    Now Let’s Proceed To SQL Injection on Android

  •  Now you may want to know “what are the injection techniques DroidSQLi supports”. If yes, take a look:
  • Time based injection
  • Blind injection
  • Error based injection
  • Normal injection
Now let’s dow…
Wait…did I forget something? Yes…. I didn’t tell you how to find SQL vulnerable sites.
  •  Let’s take an example to describe the process in step by step manner:For example:1. Let’s take a google dork link
    inurl:gallery.php?id=

    2.Copy and paste this link to Google.

sql injection on android

3. Now tap on any connection that you wish to infuse with SQL for eg:

www.atozpictures.com

4. Copy the entire URL

www.atozpictures.com/pictures.php?Id=2
sql injection on android

5. Open DroidSQLi and Paste the copied URL in Target Box.

6. Now hit Inject

sql injection on android

6. Now You will see Databases Listed up, for instance here you can see 2 databases listed up. For now, we will be interested in “atozpictures” database.

7. Now Tap on all the pieces of information you want to get, ex- username, pass, email.

sql injection on android

8. Hit on “Get Records”, And Wait Few Moments. (might take some time depending on website)

sql injection on android

And here you are, with all in information inside that database, all usernames, passwords emails..

This is an experimental attack, in real life you may come up with more sensitive information like credit card details if so contact the admin of website asap (don’t get tempted by the greed of joining the dark side). <Happy Hacking/>

Recommended: Hack WiFi With Android [NO ROOT]

Also, Check out more Hacks on android

LEAVE A REPLY

Please enter your comment!
Please enter your name here


CAPTCHA Image
Reload Image