Sunday, October 23, 2011

SQL Injection Using Havij

I have already posted a beginner's guide to SQL injection here at hackersthirst. If you haven't read that post, kindly read it below. There is also another post listing the tools commonly used for scanning for SQL-related vulnerabilities. You can get a lot from the posts below:-


Today I am posting a tutorial on using a tool named Havij for SQL injection. The tool comes in a free version and a paid version; the free one can be used here. Nowadays manual scanning and exploitation of vulnerabilities is quite limited; hackers and pen-testers mainly use automated tools for hacking purposes. Soon you'll see a series of hacking-related tools at hackersthirst.

How to use Havij for SQL injection:-

- First of all, download Havij here.
- Install Havij and place the shortcut on the desktop. Now find a website which is vulnerable to SQL injection. You can use Google dorks for this purpose; I have already explained in many tutorials what a Google dork is. The most common dorks for sites vulnerable to SQL injection are:-
inurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

If you want the full list of 2000 or more SQL injection dorks, subscribe to us by email and then provide your email in the comment form below in a format like wamiqali [at] hackersthirst.com, in order to remain safe from robots which harvest emails.
- After finding the vulnerable website, open Havij. Let's say the vulnerable site has the URL:-
“http://website.com/index.php?module=pages&id=85”
- After opening Havij, paste the above URL of the vulnerable site like this:-
[Image: havij 1]
- After that, hit “Analyze”; it will scan the site to determine whether SQL injection is possible or not. For security reasons I have not shown the name of the site which I will use for tutorial purposes.
- It will tell you the type of server and the type of OS running on the server, and will give a message like “Target Vulnerable” if the site is vulnerable.
- Now go to “Tables” and “Get Database”; after getting the databases, check all of them and hit “Get Tables”. After getting the tables of the DBs, select the admin table and hit “Get Columns”; after getting the columns, a hacker can check the password and username columns and hit “Get Data”. See the pic below to understand all the buttons used:-
[Image: buttons Havij]
- Now you will get the data in encrypted form, mostly as an “md5 hash”, but it can be decrypted easily using Havij or other online tools. After decrypting the md5, you have to find the “admin page” using Havij; in the pic below, see the buttons for decrypting md5 and finding the admin page. Point the browser to the admin page, where you have to enter the decrypted “password” and “username” of the admin to log in to the website.
[Image: admin-md5]
- Thus, after a successful login to the website as admin, the hacker can do whatever he wants.
So automated tools also have great importance; you can also check your own website for the vulnerability. And yes, it is better to use your skills in the right direction, because a real hacker is one who thinks of benefits, not of destruction. Thanks.
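
For anyone checking their own site as suggested above: what an automated tool flags in a parameter such as `id=85` is a query assembled by string concatenation. The following added example (not from the original post; the table, sample rows and function names are constructed for illustration) shows that pattern beside a validated, parameterized lookup, using Python's built-in sqlite3 module.

```python
import sqlite3

def make_db():
    """Constructed in-memory sample database standing in for the site's DB."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO pages VALUES (85, 'About us'), (86, 'Contact');
    """)
    return db

def get_page_vulnerable(db, raw_id):
    # Vulnerable pattern: the request value is pasted into the SQL text,
    # so the database parses user-controlled input as part of the query.
    sql = "SELECT title FROM pages WHERE id = " + raw_id
    return [row[0] for row in db.execute(sql)]

def get_page_safe(db, raw_id):
    # Step 1: the id must be a plain ASCII decimal integer, nothing else.
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a decimal integer")
    # Step 2: bind the value as a parameter; it is never parsed as SQL.
    rows = db.execute("SELECT title FROM pages WHERE id = ?", (int(raw_id),))
    return [row[0] for row in rows]

if __name__ == "__main__":
    db = make_db()
    crafted = "85 OR 1=1"  # constructed input that changes the WHERE clause
    print("vulnerable, normal id :", get_page_vulnerable(db, "85"))
    print("vulnerable, crafted id:", get_page_vulnerable(db, crafted))
    print("safe, normal id       :", get_page_safe(db, "85"))
    try:
        get_page_safe(db, crafted)
    except ValueError as exc:
        print("safe, crafted id      : rejected,", exc)
```

If every query that takes request input follows the second form, the "Analyze" step described above has nothing to find in that parameter.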