Saturday, 20 February 2016

How Hackers Use SQL Injections To Get Access Of Websites

There are many methods by which you can hack the websites but SQL Injection method is the one of the best techniques that is used preferably by many hacker.Using these techniques one can hack the database and information of the websites.Here in this article you will know how you can hack the websites using SQL Injection attack.Follow these steps given below to learn how to hack websites.



Before We start here are the things that you will need:
1.Havij SQL Injection tool

2.SQL vunerable site(take examplesite.com/catalogo_nuevos_detalle.php?id=2)

To check sql vunerable site add (‘) at the end of site url and if you get sql error in your syntax then it means your site is SQL vunerable.

Steps :-
1.Open Havij and paste the site URL in the target field and then wait for havij to get details and databases of the website.

2.After that click on the available database of the site and click on Get Tables.On clicking Get Tables Havij will look for the tables available in the database.

3.After scanning Havij will get all the tables available.Here you has to just find the tables named as admin,users and something similarto these.Select the similar words and click on the Get Columns.Havij will then get all the coloumns available in the users table.

4.Now select the columns and then click on the Get Data.Havij will then look for the data available in coloumns login and password i.e username and password.The username and the password you get is encrypted in mdm language and not in real text.To crack the encrypted password just copy the password and click on the MD5 tab in Havij and paste the encrypted password in Md5 hash field and hit start.Havij will then try to crack the password.


5.Now click on Find Admin tab in Havij and then click Start.It will check the admin panel of the website.Open the admin panel in web browser and login with username and password and you are now in admin panel of the website.You has succesfully logged to the website and has hacked the website.
Conclusion:

Using the above steps you can hack up the website if it is vunerable to the Sql attack unless you can find out other ways also but to great extent the method of SQL attack is the best for the hacking of websites.The above steps is for Havij program but there are also many programs available that does the same process to hack up the websites.

Share this

0 Comment to "How Hackers Use SQL Injections To Get Access Of Websites"

Post a Comment