Learn how to dump database of injectable urls using sql injection & tool sql dumper, then if we get password in plain text we will have our combo ready but if got in hash format/encrypted we will dehash them with find my hash tool.