Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



 389

Can Someone With Experience Answer This Because Im Hella Confused

by TheGodDemonia - 28 July, 2022 - 06:57 AM
This post is by a banned member (TheGodDemonia) - Unhide
185
Posts
40
Threads
3 Years of service
#1
Okay, so when people use dork searcher to find urls and use sqli dumper to find vulnerable websites derived from those URLs, how are people able to use injection attacks to specific databases like yahoo, or southwest airlines for instance. Do this sites have vulnerablilities? Does every site have vulnerabilities?, Im relatively new to creating my own combos, and I only seem to get 2 injectable links, and it always turns out to be some random asian website, and I just get stumped. How are people able to get databases like yahoo or aol and be able to dump combos from them? Are there better tools to do so, since ive been using SQLI Dumper 19.3, and Dork Searcher V3. I would really appreciate the help on this, thank you.
[Image: image.png]
This post is by a banned member (SirHugs) - Unhide
SirHugs  
Godlike
991
Posts
139
Threads
4 Years of service
#2
backlinks, mostly done through a phishing attack though big ones passwords are usually hashed really well and really hard to dehash so they're pointless for combos.. best bet for combo making is a phishing attack, sql injection is basically dead only shit sites now and all is hashed really well
This post is by a banned member (TheGodDemonia) - Unhide
185
Posts
40
Threads
3 Years of service
#3
(28 July, 2022 - 07:01 AM)SirHugs Wrote: Show More
backlinks, mostly done through a phishing attack though big ones passwords are usually hashed really well and really hard to dehash so they're pointless for combos.. best bet for combo making is a phishing attack, sql injection is basically dead only shit sites now and all is hashed really well

Can you please elaborate on  "phishing attack'? Thank you!
[Image: image.png]
This post is by a banned member (SirHugs) - Unhide
SirHugs  
Godlike
991
Posts
139
Threads
4 Years of service
#4
(28 July, 2022 - 07:02 AM)TheGodDemonia Wrote: Show More
(28 July, 2022 - 07:01 AM)SirHugs Wrote: Show More
backlinks, mostly done through a phishing attack though big ones passwords are usually hashed really well and really hard to dehash so they're pointless for combos.. best bet for combo making is a phishing attack, sql injection is basically dead only shit sites now and all is hashed really well

Can you please elaborate on  "phishing attack'? Thank you!

so basically theyd gather a list of the staffs emails like everyone who works there and theyd send out a mass attack of like a macro'd word file to run a rat or smthing, then once they have access theyd keep escalating they're privilege's by sending to co-worked and through the network, or for combo making you'd get a huge list of emails from a breach for example and then mass sending fake password request and getting people to enter theyre info through there, like doing it on like a massive scale would get good results

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 1 Guest(s)