(adsbygoogle = window.adsbygoogle || []).push({}); This is by far the easiest way to SQL inject a website!

1. Download Havij- You must login or register to view this content. and install
2. Find a vulnerable site with the .php?id=123 sort of ending that gives an error when you add a ' to the url.
3. You must login or register to view this content. Hit analyze.
4. Have some tea or whatever while it's working
5. If it says Target Vulnerable at the bottom, you're good to go.
6. When you get this, You must login or register to view this content.
7. Hit 'Get Tables' and wait till you find users or admin or whatever the DB with the admin info is.
8. Check said table, and hit 'Get Columns' and wait until you find columns, and then check appropriate columns, like so, and hit get data. You must login or register to view this content.
9. If you have a hash and/or don't know where the admincp is, use 'Find Admin' / 'MD5'
10.Congrats!

-Doublefacepalm- You need Acunetix for scanning sites not havij.

Triplefacepalm: it says in the tut you can use havij to scan to see if sites are vulnerable. Also the program (I have it), says you can scan a certain website for vulnerability.

Someone save this child

You try it/download the program then. Then you come back to me.

And I understand, I'm shit at SQL injecting. Hence why I've come here to LEARN.

And, I'm not a child. The term child is used too often here and people think it's an insult when it only means you are a certain age, whereas you can't actually predict people's ages as they use good grammar, etc. Outsider, for example, I know people who think he's in his 30s... He's only about 22...

Your in the wrong place to learn then lol I'm not trying to be a dick or anything I'm just saying when you paste the url into havij the url your suppose to be pasting in the vulnerable link.

As it says in the tut... "You put in the URL, then press *a button* to check it's vulnerability, if it says SQL Injection available, then carry on!" (or something along those lines).

Have you even got the program that he's mentioned?

What were you having issues with? Sorry, I just got back.

I've had it before this was posted.

Finding a vulnerable site. I had a look at some vids on YouTube by typing in Google: inurl:example.php/id=

Then it comes up with loads, but Havij says that they are NOT vulnerable.

---------- Post added at 07:23 PM ---------- Previous post was at 07:22 PM ----------



Then you've probably got an outdated version..