Website Hacking Using Havij
The technique we are going to use is SQL injection. More information about the topic can be found here. I will soon be posting a tutorial about manual SQL injection.
Google Dorks: Google dorks are specific queries that can reveal all the information about a specific website. I am giving you some Google dorks which you can use for finding websites vulnerable to SQL injection.
inurl:index.php?id=
inurl:index.php?cat=
inurl:index.php?x=
inurl:index.php?page=
inurl:index.php?module=
inurl:index.php?p=
inurl:index.php?action=
inurl:index.php?content=
Finding target:
1) Now just paste any one of the queries into the Google search box and you will get a lot of websites.
2) Now open any of the websites and you will get a link like this.
www.somesite.com/index.php?id=12 or any number
3) We just have to add a single quote (') at the end of the link so it becomes something like this.
www.somesite.com/index.php?id=12'
4) Look closely at the page before adding the single quote (') and after adding the single quote ('). If some element of the page is missing then Bingo!!! You have found a vulnerable website. Now we can start our SQL injection. If the page remains the same or shows an error like page not found, then it is not vulnerable and you should move on to another website.
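Why the quote in step 4 changes the page, and what stops it. This is an added example, not part of the original post. It uses Python's sqlite3 with a constructed `pages` table, and the function names are hypothetical. The first handler builds the query by string concatenation; the second validates the id and binds it as a parameter.

```python
import sqlite3

NOT_FOUND = "404 page not found"

def make_db():
    # Constructed sample data standing in for the site's database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, body TEXT)")
    db.execute("INSERT INTO pages VALUES (12, 'Welcome page')")
    return db

def page_vulnerable(db, raw_id):
    # The request value is pasted into the SQL text, so a stray quote
    # becomes part of the statement and breaks its syntax.
    sql = "SELECT body FROM pages WHERE id = " + raw_id
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        # Error is swallowed and the content block renders empty:
        # this is the "missing element" described in step 4.
        return ""
    return row[0] if row else ""

def page_hardened(db, raw_id):
    # 1) Validate: the id must be plain ASCII digits, nothing else.
    if not (raw_id.isascii() and raw_id.isdigit()):
        return NOT_FOUND
    # 2) Bind: the value travels separately from the SQL text, so it
    #    can never be parsed as SQL even if validation were loosened.
    row = db.execute("SELECT body FROM pages WHERE id = ?",
                     (int(raw_id),)).fetchone()
    return row[0] if row else NOT_FOUND

if __name__ == "__main__":
    db = make_db()
    for value in ("12", "12'"):
        print(repr(value), "vulnerable ->", repr(page_vulnerable(db, value)))
        print(repr(value), "hardened   ->", repr(page_hardened(db, value)))
```

With the hardened handler, the quoted request gets the same "page not found" response as any unknown id, which is the outcome step 4 describes as not vulnerable.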
Now we have our target ready, so what are you waiting for? Just attack.
1) First of all, download Havij 1.16 from my friend's blog or from here.
2) Now extract it and run it. It will look something like this.
3) Now paste your target in the highlighted box and click analyze.
4) Let it analyze your target for about 5-10 minutes, and then you will see something like this.
5) Now click on the "Tables" tab. You will see something like this.
6) Now click on "Get DBs" (make sure you have tick-marked the first option, let it be anything). Now wait for about a minute and you will see something like this.
7) Now tick-mark both the options and click on "Get Tables". Wait for some 2-3 minutes. You will get a lot of information from this. It'll look something like this.
8) Now search for something sensitive like admin, users, login, passwords, and many more. Tick-mark them and click on "Get Columns". You will see something like this.
9) Now there you have user_id, password, user_name. Now tick-mark them and select "Get Data". You will see something like this.
10) Now find the admin panel and log in using the user_id and password found.