How: Hack Websites Using Havij
Hey blogger,
Stormy weather here in the Philippines. Due to tropical storm Hagupit or locally named Ruby.
But today we will not be talking about literal storms but how we can possibly be a dangerous storm to the web. here is a powerful tool for injecting sql to a website. I'm talking about Havij. you can download Havij on the link below.
First we need to find a vulnerable webpage/s we can use this google dorks to find this pages. Below is a list of google doeks you can use to search for possible vulnerable webpages.
Link: http://www.cometohack.com/2014/05/5000-fresh-google-dorks-list-for-sql_7713.html
After we have chosen a victim page we now try to test if it is vulnerable to SQL injection. we put a single quote ( ' ) to the end of the pages url. like the example below
ex. http://www.victim.com/accinfo.php?cartId=2' <= here we add the single quote.
If errors are shown in the page like sql error or something changes in the webpage then the page is vulnerable!
Now we use havij ( In opening HAvij right click and run as administrator for some computers), we paste the url to the target field on havij. Note: remove the single quote !
After havij has successfully get ta tables on websites database you can now get the columns and the data inside each columns. If passwords are encrypted you can use MD5 cracker in havij, If you need to find administrator log in you use the find Admin options..
And that's it Havij is just easy to use but very powerful. But I warn you website hacking is illegal . So hide your IP address use proxy servers.. And that's it :D
Havij Download Link Here :
Link: http://www.mediafire.com/download/oini6bcrqliolpi/Havi1-17pro%5Bwww.ajixcrew.blogspot.com%5D.rar
Password : ajixcrew
Happy Hacking :D
Credits : To all the links I have used for my post!
Stormy weather here in the Philippines. Due to tropical storm Hagupit or locally named Ruby.
But today we will not be talking about literal storms but how we can possibly be a dangerous storm to the web. here is a powerful tool for injecting sql to a website. I'm talking about Havij. you can download Havij on the link below.
First we need to find a vulnerable webpage/s we can use this google dorks to find this pages. Below is a list of google doeks you can use to search for possible vulnerable webpages.
Link: http://www.cometohack.com/2014/05/5000-fresh-google-dorks-list-for-sql_7713.html
After we have chosen a victim page we now try to test if it is vulnerable to SQL injection. we put a single quote ( ' ) to the end of the pages url. like the example below
ex. http://www.victim.com/accinfo.php?cartId=2' <= here we add the single quote.
If errors are shown in the page like sql error or something changes in the webpage then the page is vulnerable!
Now we use havij ( In opening HAvij right click and run as administrator for some computers), we paste the url to the target field on havij. Note: remove the single quote !
After havij has successfully get ta tables on websites database you can now get the columns and the data inside each columns. If passwords are encrypted you can use MD5 cracker in havij, If you need to find administrator log in you use the find Admin options..
And that's it Havij is just easy to use but very powerful. But I warn you website hacking is illegal . So hide your IP address use proxy servers.. And that's it :D
Havij Download Link Here :
Link: http://www.mediafire.com/download/oini6bcrqliolpi/Havi1-17pro%5Bwww.ajixcrew.blogspot.com%5D.rar
Password : ajixcrew
Happy Hacking :D
Credits : To all the links I have used for my post!
