[Carding] Tutorial Carding with Havij
Things required:
- Havij 1.16 Pro
- SQLi-DB
- Carding Dorks
- Vulnerable Sites
How to find vulnerable sites?
To find vulnerable sites, you need to use the SQLi-DB and the carding dorks.
- Copy one of the dorks and paste it in SQLi-DB
- Set up the setting and click on the "scan" button
- Once you the scanning starts, the result will be shown in the textboxt as below
- Click on Vulnerable to filter the result and only show the vulnerable results
Version 1 Version 2
Exploiting and dumping data
Now, you need to run Havij as administrator and follow the steps below
- Paste the vulnerable site in the target TextBox on Havij and click Analyze
- Once the process finished, you will see something like in the image below on your Havij log box
- Click on Tables>Get Tablesand you will see all the tables that are in the database
- Now, look for a table named "Orders" or something similar. Tick the table and click on Get Columns
- You will get the columns that are in the table "Orders". Now tick on something that related to credit cards information, such as cc_number ,cc_type , cc_expired_year ,cc_expired_month , andcvv or cvv2. Once you're done, click on Get Data
- Just wait for the dumping progress and you will get the informations
Post a Comment