our next two, we're gonna be using a sequel. Suss sequel Suss can be found on Callie to automatically
there's some steps that we're gonna have to take. So
for sequel Suss, you have to type Sequels us attack G first to create the CONFIG file
and then name it whatever you want. Well, we're gonna name that attack.
After that, we're gonna nano that attack file to read it.
And once we go to edit it, we wanna change the Earl start toward Target page.
After we do that, we're gonna type sequel Such attack that calls the config file that we create it. So whatever you call your convict file, that's what you'll take there.
We're gonna tape start, and then we're gonna type get item,
ask her to show us all the available items that we could get.
It's going to show it were able to get tables. So and then we're gonna tape get tables. There's good shows, the columns, and we're gonna see a calm for user's. Then we're gonna type get columns users
After that, we're gonna type select everything from users. Thio, get the passwords. Let's go check it out
So it's a sequel says here
some basic commands here.
So we want to do a sequel.
and the configuration successfully saved to attack.
Now we're gonna type nano
We're gonna open up that convict file.
Now, if we come down here,
we see you or else start now, in between these double quotations where we're gonna put are you Earl
Gum Paste And are you were all from before. Then we're gonna hit control X.
Let's go ask. Do you want to save? Were so yeah. Yeah, we want to save
file name too. Right?
Attack You hit, Enter
and we go back. We type sequel cess
and the session has been created
Next we're gonna type start
and it has pulled some targets for us.
So we're able to see the version
user and the database Here,
And here's some items we can get. So it says, Hey, you can get tables so say get
we have users as one of the tables we can get.
now we've gotten the columns. So we say, Hey, they have ID's names, age group ideas and passwords.
we want to get the database here. We want to dump this information.
So we're gonna dio is a little secret query here Gonna say Select everything
all the names and all the passwords for this website. Once you've gathered your information,
So it was covered in this video
What we discussed exploding sequel injection manually
and then we discussed see exploiting it with tools than the two tools were used. We're sequel map and sequel Suss Happy acting, everyone.