What is Spartan Pro V1 3 Exploit Scanner and How to Use It
Spartan Pro V1 3 Exploit Scanner is a powerful tool that can help you find and exploit vulnerabilities in web applications. It can scan, inject, crack, find, and check various types of exploits, such as SQL injection, XSS, CSRF, LFI, RFI, shell upload, and more. It can also perform MD5 cracking, admin finder, shell checker, and other useful features.
In this article, we will show you how to use Spartan Pro V1 3 Exploit Scanner to perform a web application penetration test. We will assume that you have already downloaded and installed the tool on your system. If not, you can download it from this link [^1^].
Step 1: Launch the Tool
To launch the tool, simply double-click on the Spartan.exe file. You will see a window like this:
As you can see, the tool has a simple and intuitive interface. You can access the main functions from the menu bar or the buttons on the left side. You can also see the scan results and the exploit details on the right side.
Step 2: Enter the Target URL
To start scanning a web application, you need to enter the target URL in the URL box at the top. For example, we will use http://testphp.vulnweb.com as our target. You can also enter multiple URLs separated by commas or load them from a file.
After entering the target URL, click on the Scan button to start scanning. You will see a progress bar at the bottom showing the scanning status. You can also pause or stop the scan at any time.
Step 3: Analyze the Scan Results
When the scan is finished, you will see a list of URLs with their status codes and exploit types on the right side. You can click on any URL to see more details about the exploit. For example, we clicked on http://testphp.vulnweb.com/listproducts.phpcat=1 which has an SQL injection exploit.
As you can see, the tool shows us the vulnerable parameter (cat), the injection type (error-based), the database type (MySQL), and the payload used to trigger the exploit. You can also see some buttons at the bottom that allow you to perform various actions on the exploit, such as:
Inject: This will open a new window where you can inject custom SQL queries and view their results.
Dump: This will dump all the data from the database tables related to the exploit.
Crack: This will crack any MD5 hashes found in the data using an online service.
Find: This will find any admin pages or login forms related to the exploit.
Check: This will check if the exploit is still working or not.
Step 4: Exploit the Vulnerability
Depending on your goal and permission, you can use any of these buttons to exploit the vulnerability further. For example, we clicked on Inject to open a new window where we can execute custom SQL queries.
In this window, we can see a query box where we can enter our SQL queries. We can also see some buttons that allow us to perform some common tasks, such as:
Show Databases: This will show all the databases on the server.
Show Tables: This will show all the tables in the current database.
Show Columns: This will show all the columns in the current table.
Show Data: This will show all the data in the current table.
Union Select: This will generate a union ec8f644aee