Then press "Get Columns", you'll now get a list of columns under the selected table.Ĩ. Select any tables that you're interested in, for this case I'll select **users**. Now we have to see what's inside that table. Now we have a lists of tables, one of them called admin. Press the "Get Tables" button and wait until the process finishes. We're now going to see all of the available tables on our targets database. Houston we are go for main hacking launch.Ħ. You should be seeing something similar to the picture on the right. As long as you don't get any errors you should be able to get some information out of your site. Now put the URL of your site into the Target area of Havij and press "Analyze".ĥ. If your site is vulnerable you should get an error like the one pictured to the right.Ĥ. inurl:index.php?id= inurl:trainers.php?id= inurl:buy.php?category= inurl:article.php?ID=ģ. Open Google and use one of these Dorks below. There are some tools out there to help you, but with most problems online Google is the solution. Now that you have a copy of Havij set up we need to find vulnerable sites. You can google around for it or use the free version offered on the official website. Grab yourself a copy of Havij and set it up. It is still, however, a useful tool that many hackers keep in their arsenal for quick attacks.
Havij is seen as a Script Kiddie tool, because the user does not have to follow the regular steps on SQL injection.
Havij's GUI Havij has an easy to use GUI, pictured right, which can be used to hack into a site in a matter of seconds. It allows for a hacker to scan and exploit sites that rely on SQL. Havij - Advanced SQL Injection Penetration Testing Software
0 kommentar(er)
