So now i am gonna tell you how to hack SQL vulnerable websites using HAVIJ PRO (easy way)
First of all download HAVIJ PRO from here:
First of all download HAVIJ PRO from here:
STEPS:
1) Goto google.com and use google dorks to find SQL vulnerable sites.
1) Goto google.com and use google dorks to find SQL vulnerable sites.
Here are some google dorks for SQL injection
2) When the site is loaded enter an apostrophe (') or "%27" in the end of the URL of the site.
3) And you will get an error! SQL error! If you get that error it means the site is vulnerable to SQL injection!
4) Now copy the URL except %27
e.g Just copy "http://www.skitm.edu.in/faculty.php?id=2"
5) Now open HAVIJ and PASTE the URL in the TARGET box and click ANALYZE and then wait...
6) When HAVIJ finds every ype of info and stops loading then go to TABLES TAB.
7)Then select any DATABASE (it is selected by default) and click "Get Tables"
8) Then you will get all the Tables! Now select any interesting Table and click "Get Columns"!!!
e.g admins,users,tbladmin...
9) Now here are the columns of "user" table:-
Select both "username" and "password" columns and click "Get Data"
10) Now when you will get all the database(usernames and passwords) click FIND ADMIN ! and click START...!
11) Now go to the admin panel of the website and type in the username and password you just stoled!
12) Now here you are in the ADMIN PANEL of the WEBSITE!
Now you can do whatever you want..!
4) Now copy the URL except %27
e.g Just copy "http://www.skitm.edu.in/faculty.php?id=2"
5) Now open HAVIJ and PASTE the URL in the TARGET box and click ANALYZE and then wait...
6) When HAVIJ finds every ype of info and stops loading then go to TABLES TAB.
7)Then select any DATABASE (it is selected by default) and click "Get Tables"
8) Then you will get all the Tables! Now select any interesting Table and click "Get Columns"!!!
e.g admins,users,tbladmin...
9) Now here are the columns of "user" table:-
Select both "username" and "password" columns and click "Get Data"
10) Now when you will get all the database(usernames and passwords) click FIND ADMIN ! and click START...!
11) Now go to the admin panel of the website and type in the username and password you just stoled!
12) Now here you are in the ADMIN PANEL of the WEBSITE!
Now you can do whatever you want..!
ENJOY...:)
Thanks 4 visiting our Blog!
Download link isn't working at all. so could you please show up another one ?
ReplyDelete