Hacking a website using SQL injection
Today i am gonna show you how to hack a website using sql injection.To find SQL vulnerable sites
Now Lets start
Things you will need
1. Havij SQL injection Tool
:Downlod from HERE
:Downlod from HERE
2. A sql vunerable site,
3. A very important thing i.e mind
Exploiting the vulnerable site
1. Open Havij and paste site url in target field and hit enter
.
2. Now wait for Havij to get all the databases of the website.
3. Now click on available databse of site and click on Get Tables
4. By clicking Get Tables Havij will look after the tables available in the database.
5. Now after the scanning Havij will get all tables, now the main work start , you have to check it there table available named as admin, users and something similar to these words like i get usuario in my website and select it and click on Get Columns.
6. Now after clicking Get Columns havij will get all the columns available in users table.
7. In my case i found diffrent columns like id, login, pass an many more.
8. Now select the columns and click on Get Data.
9. Now havij will look after the data available in columns login and password i.e admin username and passowrd like i get
username --> adminpassword--> 21232f297a57a5a743894a0e4a801fc3 (in encrypted form)
Like in image below
10. Now after i get username and password there is a problem that passowrd i s encrypted in mdm language , so we have to crack it .
11. To crack encrypted password just copy password click on MD5 tab in havij and paste the encrypted password in MD5 hash field and hit start.Now havij will try to crack the password.
12. Now i get Password cracked as admin.
13. Now we will check for admin panel where we gonna login with username and passoword.
14. To find admin panel click Find Admin tab in Havij and click start. Now havij will check the admin panel of website.
15.open it in a web browser and login with username and password and now you are in admin panel.
Website hacking is illegal
Share This Post »»
|
|
|
Tweet |
0 comments :
Post a Comment