How to Hack website using SQLi Injection -- Full Tutorial + Software

Its a Dream for Everyone who is Interested in Computers to "HACK Something".

In this Tutorial,
I am Going to Teach you how  to Hack a Website using an SQLi attack. This attack is a famous attack. But there are no complete tutorials available on this.

So in this tutorial i am going to teach you how to perform this attack on a Vulnerable Site.

What all Do you need to perform this Attack?

Well, You need an Internet Connection , Havij 1.5 (Click to DOWNLOAD)  and a Bit brain.

So to Begin with You need to Find a Website which is "HACKABLE".

Go to www.google.com and type "newsitem.php?id=140220"


Now Click on any Link

When the Page Loads  you can the URL of the Website Like This



Now add a Single quote ( ' ) to the URL and Press Enter

So,Now your URL looks LIKE this [ http://www.10ccworld.com/newsitem.php?id=140220' ]

Now,You can See an Error Message Like This or Any other Similar Error Message


 
WOW!!!! This Website is "HACKABLE"

Now,Open Havij 1.5 and You get a Screen like This



Copy and Paste the Website URL in the Target :  Text box and click on Analayze


Wait for Sometime and You will can See the Databases Found

Now you have got the the Database Access

So, Now Click on Table button


Click on Get Tables and You can See all the Table Information

Click on Any Table (Here i Choose users) and Click on Get Coloumn

Now,Click on Get Data to See all Details
Wow!!!!! You found Username and Password details of a Website.....

To Find More "HACKABLE" websites use these texts in google

    index.php?id=
    trainers.php?id=
    buy.php?category=
    article.php?ID=
    play_old.php?id=
    declaration_more.php?decl_id=
    pageid=
    games.php?id=
    page.php?file=
    newsDetail.php?id=
    gallery.php?id=
    show.php?id=
    staff_id=
    newsitem.php?num=
    readnews.php?id=
    top10.php?cat=
    historialeer.php?num=
    reagir.php?num=
    Stray-Questions-View.php?num=
    forum_bds.php?num=
    game.php?id=
    view_product.php?id=
    newsone.php?id=
    sw_comment.php?id=
    news.php?id=
    avd_start.php?avd=
    event.php?id=
    product-item.php?id=
    sql.php?id=
    news_view.php?id=
    select_biblio.php?id=
    humor.php?id=
    aboutbook.php?id=
    ogl_inet.php?ogl_id=
    fiche_spectacle.php?id=
    communique_detail.php?id=
    sem.php3?id=
    kategorie.php4?id=
    faq2.php?id=
    show_an.php?id=
    preview.php?id=
    loadpsb.php?id=
 

 Happy Hacking........................................... :)


 

Comments

  1. Unknown4 December 2014 at 18:46

    Cool stuff man!!!Thanks for your effort in sharing your knowledge!!!

    ReplyDelete

Post a Comment

Popular posts from this blog

Hack Wifi with Fern Wifi Cracker

Image
          Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library , the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks Operating System Supported The Software runs on any Linux machine with the programs prerequisites , But the program has been tested on the following Linux based operating systems: Ubuntu KDE/GNOME BackTrack Linux BackBox Linux Prerequisites The Program requires the following to run properly: The following dependencies can be installed using the Debian package installer command on Debian based systems using "apt-get install program" or otherwise downloaded and installed manually Aircrack-NG Python-Scapy Python Qt4 Python Subversion Xterm Reaver (for WPS Attacks) Macchanger Features Fern Wifi Cracker currently supports the foll
Read more

Linux Shell Script to count no of occurrences of a digit in a number

Image
This Code is a Linux shell script to count no of occurrences of a digit in a number .So What Exactly this Program Does. This Shell Script will first accept Ask the user to Enter A number .Then it Asks the user to Enter the digit of which the occurrence is to be found. then it displays the no of occurrences in the number. for example if the user Enters a number "34565" and he wants to find how many times the digit "5" is repeated in the number "34565" so he executes this piece of codes and gets the answer as "2" Code is Given below (save it as occur.sh) ___________________________________________________________________________________________ #to count the occurrences in a give n digit c=0 echo "Enter Number " read num x=$num echo "Enter the digit whose occurance has to be found " read digit while [ $num -ne 0 ] do rem=`expr $num % 10` if [ $rem -eq $digit ] then c=`expr $c + 1` fi num=`expr $nu
Read more

How to Decompile JAR files and View Source Code of Java Programs

Image
In software terms, JAR (Java Archive) is a package file format typically used to aggregate many Java class files and associated metadata and resources (text, images, etc.) into one file to distribute application software or libraries on the Java platform. Typically, The Contents of any JAR file can be viewed by Extracting the JAR file with the Help of Tools like WinZIP or WinRAR . Once You have successfully extracted the contents of the JAR file . you will get a lot of Files with file extension " .class " and these class files are not in Human Readable Format. So, to Overcome this problem and to view the original JAVA source code hidden inside these class files stored inside the JAR file container ,we use a tool called JD-GUI . JD stands for "Java Decompiler" . It is a standalone graphical utility that displays Java source codes of “ .class ” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods
Read more