Bao is hacking for fun, I use a trick on Google to infiltrate the SQL file that stores the database of a website, depending on the victim, I can collect the login user/password of the Website member or Email/ Password.
| Join the channel Telegram of the AnonyViet 👉 Link 👈 |
I will use the prefix ext to search for SQL files containing the character @gmail.com followed by a sequence of MD5 encrypted passwords. The structure of using Google Dork is as follows:
ext:sql intext:@gmail.com intext:25f9e794323b453885f5181f1b624d0b
Explain:
ext:sql -> search on google which websites to expose SQL files
intext:@hotmail.com –> Next, look in the SQL file you just searched for, is there any text that is @hotmail.com or not
intext:e10adc3949ba59abbe56e057f20f883e –> if there is @hotmail.com, is there this sequence of characters behind it? This is the sequence of password characters encrypted with MD5, which translates as: “12345689”
If the password encrypted by MD5. You can use the website http://md5cracker.org/ paste the encoding character in to reverse the encoding. However, depending on the available dictionary of the Web, not all passwords can be translated.
Demos are as follows:
Step 1: Paste the above Dork snippet into the Google Search bar:
Step 2: Choose any website you like, with a .sql extension behind it
Step 3: After accessing the Web you will see a text forest, scroll down to find where there is an encrypted Email and Pass, then Copy it, then go to the MD5 decompiler page to decrypt the password.
