How To Make Combos - The Professional Method [TRICK]

Necessary Tools

Kali Linux
Highly Recommended for hacking and cracking. If you don’t already have a Kali VM, I’ve provided a download link.
V3n0m
Awesome Dork scanning tool. I’ve provided the link to the Github page and a setup tutorial.(v3n0m tutorial)
Sqlmap
Usually comes preinstalled on Kali Linux, however, I’ve provided a Github link.

Scanning Tutorial

Firstly, you need to have dorks, and if you want HQ combo lists, you need HQ dorks, which you can get any time using Dorker4.
Once you have your Dorks you need to get those over to Kali Linux.
Now you have to setup v3n0m, hopefully, you downloaded all the prerequisites and you can setup v3n0m. To setup v3n0m you have to first open a terminal window and cd into the V3n0m-Scanner folder. Now enter these commands:

Code:

python3.5 setup.py build
###WAIT UNTIL IT SAYS ITS FINISHED###
python3.5 setup.py install

Assuming you set everything up correctly you need to open the Kali File Manager and go to the V3n0m-Scanner/src/static folder.
In there you will see a text document called d0rks.txt you need to open that file and paste in your dorks. Don’t use the included dorks, they’re not that great.
After you have pasted your dorks in now you have to open a terminal window and you have to cd into V3n0m-Scanner/src you want to now start the scanner. Use the command:

Code:

python3.5 v3n0m.py

Now you should be ready to use v3n0m. You should see a menu. Press 1 on your keyboard and then enter once more, then I usually type 0 for max efficiency but, it’s up to you how many dorks you wish to use. Then for threads, I max out at 500, for max efficiency. Then type 20 and enter. Then watch v3n0m scan. v3n0m will scan and then eventually it will say its finished, you want to choose 1, SQL Testing, this will print injectable sites, which is exactly what we need.

Dumping Tutorial

Now that you have found a site from v3n0m that you want to dump you want to use sqlmap. Here is a sqlmap tutorial. YouTube
Once you have dumped your list you may be noticed that sqlmap saved it as a CSV and instead of username:password it saved as username, password. To fix this I go to
This Site I divide the list using the delimiter, and then put the list back together with the delimiter.

Happy Learning :blush:

Regards, SaM

21 Likes

SQL Map video is not working…here is an alternative:
https://www.youtube.com/watch?v=yPMbb38pwVI

1 Like

Thanks, Video is blocked in some places. but video is fine you can use Proxy if it’s not playing. anyways, I replaced the link with mine, let’s save peoples time. :blush:

2 Likes

Yeah finally the forum is stepping into the hacking side. Thank you @SaM

1 Like

Great Share Sam.

1 Like

@SaM , bro , I’m kinda novice in this thing… I really want to know what is it about as it seems to be quite interesting… Plz help me out…