3 ways to hack a database

Table of contents:

3 ways to hack a database
3 ways to hack a database

The best way to make sure your database is protected from hackers is to think like a hacker. If you were one, what kind of information would you like to find? How would you go about finding them? There are many different types of databases and different ways to hack them, but most hackers will try to find the password or start a program that exploits a weak point in the database. If you are comfortable with SQL statements and have a basic knowledge of how databases work, you may be able to hack one.


Method 1 of 3: Use SQL injection

Hack a Database Step 1

Step 1. Ask yourself if the database is vulnerable

You will need to have some knowledge of declarations to use this method. Open the database login page in your browser and type '(an apostrophe) in the field for the username. Click on Register. If you see an error that says "SQL Exception: quoted string not properly terminated" or "invalid character", the database is vulnerable to SQL injections.

Hack a Database Step 2

Step 2. Find the number of columns

Go back to the login page (or any URL that ends in "id =" or "catid =") and click on the browser's address bar. After the URL, press the space bar and type

ORDER by 1

, then tap Enter. Change the 1 to a 2 and press Enter again. Keep increasing this number until you get an error. The number of columns is the number you entered before the one that caused the error.

Hack a Database Step 3

Step 3. Find the columns that accept requests

At the end of the URL in the address bar, change the

catid = 1


id = 1

and put

catid = -1


id = -1

. Press the space bar and type

UNION SELECT 1, 2, 3, 4, 5, 6

(if there are six columns). The numbers you put there must match the number of columns and each must be separated from the others by a comma. Hit Enter and you will see the numbers in each column that will accept the query.

Hack a Database Step 4

Step 4. Inject SQL statements

For example, if you want to know the current user and if you want to inject in the second column, you must delete everything after "id = 1" in the URL before pressing the d bar. 'space. Then type

UNION SELECT 1, CONCAT (user ()), 3, 4, 5, 6--

. Press Enter and you will see the name of the current user on the screen. Use any SQL statement to display information, such as a list of usernames and passwords to crack.

Method 2 of 3: Hack database password

Hack a Database Step 5

Step 1. Try to connect to the root

Some databases do not have a root password by default, so you might be able to access them by leaving the password field blank. Others have default passwords which you can easily find by researching appropriate forums.

Hack a Database Step 6

Step 2. Try common passwords

If the administrator has secured the database with a password (which is usually the case), try a combination of username and common password. Some hackers post lists of passwords they've cracked using verification tools online. Try different combinations of usernames and passwords.

  • For example, https://github.com/danielmiessler/SecLists/tree/master/Passwords is a popular site where you will find lists of passwords.
  • You're probably going to waste some time trying out passwords by hand, but it's worth a try before you take out the heavy artillery.
Hack a Database Step 7

Step 3. Use a password verification tool

There are many tools you can use to try out thousands of combinations of words in a dictionary and letters, numbers, or symbols to crack a password.

  • Some tools like DBPwAudit (for Oracle, MySQL, MS-SQL and DB2) and Access Passview (for MS Access) are very well known tools that you can use on most databases. You can also do a Google search to find new tools specifically designed for the database you are interested in. For example, you can search

    password audit tool oracle db

    if you hack into an Oracle database.
  • If you have an account on the server that hosts the database, you can run password cracker software like John the Ripper to find it. The location of the hash file is different depending on the database.
  • Only download software from sites you trust. Research these tools before using them.

Method 3 of 3: Use vulnerabilities in databases

Hack a Database Step 8

Step 1. Find a suitable program

Sectools.org is a suite of security tools (including the ones you are interested in now) that have been around for over ten years. Their tools are recognized and used by administrators all over the world for security testing. Check out their operations database (or find a similar site you trust) to find tools or text files that will help you find database breaches.

  • You can also try www.exploit-db.com. Go to their site and click on the link Search, then search for the type of database you want to hack (eg Oracle). Type the captcha code in the appropriate field and do a search.
  • Research the programs you want to use so you know what to do if something goes wrong.
Hack a Database Step 9

Step 2. Find a vulnerable network with wardriving

Wardriving involves driving (or walking or cycling) in an area to scan WiFi networks with a tool (like NetStumbler or Kismet) to find one without protection. Technically, this is completely legal. What is not legal is to use the network you have found for illegal purposes.

Hack a Database Step 10

Step 3. Use this network for your hack

If you want to do something that you're not really supposed to do, you'd better do it from a network that isn't your own. Connect to an open network that you found through wardriving and use hacking software that you downloaded.


  • Always keep sensitive data behind a firewall.
  • Make sure you protect your wireless networks with a password so that yours cannot be used for hacking.
  • Find other hackers and ask them for tips. Sometimes the best hacking techniques are not found on Internet forums.


  • Understand the law and the consequences of your actions in your country.
  • Never try to gain illegal access to a machine from your own network.
  • It is illegal to access a database that is not yours.

Popular by topic