Friday, 25 October 2013

Hack Website Using SQL Injection Attack with Havij


What is SQL Injection?
SQL injection is a type of security exploit in which the attacker adds Structured Query Language (SQL) code to a Web form input box to gain access to resources or make changes to data. An SQL query is a request for some action to be performed on a database. Typically, on a Web form for user authentication, when a user enters their name and password into the text boxes provided for them, those values are inserted into a SELECT query. If the values entered are found as expected, the user is allowed access; if they aren't found, access is denied. However, most Web forms have no mechanisms in place to block input other than names and passwords. Unless such precautions are taken, an attacker can use the input boxes to send their own request to the database, which could allow them to download the entire database or interact with it in other illicit ways.
Put more simply: SQL injection is one of the most popular web application hacking methods. Using a SQL injection attack, an unauthorized person can access the website's database and extract data from it.

What can a hacker do with a SQL injection attack?
  • Bypassing Logins,
  • Accessing secret data,
  • Modifying contents of website,
  • Shutting down the MySQL server.

How to Hack a Website with SQL Injection:


Example picture for understanding the SQL Injection Attack

Step 1: Finding Vulnerable Website:

First, find a website that has a page vulnerable to SQL injection. Google will help us: simply search for any of the dorks on Google.


Google SQL Dork List

After searching on Google, many website links will appear. Open any of them and you will see a URL like this:


http://www.victimsite.com/index.php?id=2

Note: If you would like to hack a particular website, then try this:


site:www.victimsite.com dork_list_commands


for example:


site:www.victimsite.com inurl:index.php?id=

(You can also see this tutorial for an easier, more efficient and less time-consuming method of finding vulnerable sites using SQL Poizon)


Step 2: Checking the Vulnerability:

Now check the vulnerability of the target website. To check it, add a single quote (') at the end of the URL and hit Enter.



http://www.victimsite.com/index.php?id=2'

After hitting Enter, if the page remains the same or shows that the page was not found, then it is not vulnerable. But if you get an error message like this, it means that the site is vulnerable:



You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1
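Why the quote produces that error, and what removes it, shown as an added example that is not part of the original post. Python's sqlite3 stands in for the PHP/MySQL page, and the table and function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data; sqlite3 stands in for the MySQL backend.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO pages VALUES (?, ?)",
                   [(1, "Home"), (2, "About")])
    return db

def vulnerable_page(db, raw_id):
    """Hypothetical index.php?id=... handler: concatenates the parameter
    into the SQL text and echoes database errors to the client."""
    try:
        row = db.execute(
            "SELECT title FROM pages WHERE id = " + raw_id).fetchone()
    except sqlite3.Error as exc:
        return 500, "SQL error: %s" % exc    # leaks parser details
    return (200, row[0]) if row else (404, "Not found")

def hardened_page(db, raw_id):
    """Same handler with allow-list validation, a bound parameter and
    a generic error response."""
    if not (raw_id.isascii() and raw_id.isdigit()) or len(raw_id) > 9:
        return 400, "Bad request"            # input never reaches the database
    try:
        row = db.execute("SELECT title FROM pages WHERE id = ?",
                         (int(raw_id),)).fetchone()
    except sqlite3.Error:
        return 500, "Internal error"         # details belong in server logs only
    return (200, row[0]) if row else (404, "Not found")

if __name__ == "__main__":
    db = make_db()
    for value in ("2", "2'"):                # the two URLs from step 2
        print(repr(value), vulnerable_page(db, value), hardened_page(db, value))
```

The bound parameter keeps the input out of the SQL text, and the generic error response removes the signal that step 2 relies on.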


Step 3: Find the Vulnerable columns:

Now, to find the vulnerable columns, leave it to Havij; it will do all the work from here.


Download Havij



Step 4: Finding Database and Users:

1. Open Havij, paste the site URL in the Target field and click the Analyze button.
2. Now wait for Havij to get all the databases of the website.
3. Now click on an available database of the site and click on Get Tables.
4. After you click Get Tables, Havij will look for the tables available in the database.
5. After the scan, Havij will list all the tables. Check whether there is a table named admin, users or something similar (in my case I got usuario), select it and click on Get Columns.
6. After you click Get Columns, Havij will get all the columns available in the users table.
7. In my case I found different columns like id, login, pass and many more.
8. Now select the columns and click on Get Data.
9. Havij will now look for the data available in the login and password columns, i.e. the admin username and password.
username --> admin, password --> 21232f297a57a5a743894a0e4a801fc3 (in hashed form)



Step 5: MD5 Hash Decrypting:

Now I have the username and password, but there is a problem: the password is stored as an MD5 hash, so we have to crack it.

10. To crack the hashed password, copy it, click on the MD5 tab in Havij, paste it in the MD5 hash field and hit Start. Havij will now try to crack the password.


11. Now I get the password cracked as admin.
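The hash in step 4 fell this quickly because it is a plain, unsalted MD5 of a weak password. The following added example (not from the original post) contrasts that scheme with salted, iterated hashing; the function names and the iteration count are assumptions of the example.

```python
import hashlib
import hmac
import os

PAGE_HASH = "21232f297a57a5a743894a0e4a801fc3"   # value shown in step 4

def md5_unsalted(password):
    """The scheme the dumped table used: one fast hash and no salt, so
    the same password yields the same value for every user and site."""
    return hashlib.md5(password.encode()).hexdigest()

ITERATIONS = 600_000   # assumed work factor for this example; tune per host

def hash_password(password, salt=None):
    """Return (salt, digest) from PBKDF2-HMAC-SHA256 with a random
    per-user salt."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify_password(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                    ITERATIONS)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    print(md5_unsalted("admin") == PAGE_HASH)    # same value everywhere
    salt_a, digest_a = hash_password("admin")
    salt_b, digest_b = hash_password("admin")
    print(digest_a != digest_b)                  # salts make each record unique
    print(verify_password("admin", salt_a, digest_a))
```

A per-user salt defeats precomputed lookups and the iteration count slows each guess, but neither rescues a password as weak as this one, so a password policy is still needed.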


Step 6: Find Admin Login Page:

12. Press the Find Admin button, type the homepage URL of the victim site and press the Start button.



After some time, the login page link will appear. Simply copy and paste that link into your browser and use the username and password which we found in step no. 4; you can then log in to the admin panel.

Note: Do Not Use Any Tutorial Of This Blog To Harm Anyone. This Is Only For Educational Purpose. I Will Not Be Responsible For Anything Done By You.





5 comments:

  1. If I hack my friend's website, can't I be caught!?

    1. It depends on which anonymity methods you have used.

  2. Says finding database but never moves? What gives?

  3. I'm stuck in "Finding Current Database"

  4. use SQLi Dumper 8.0 WAY BETTER
