Havij Tutorial

✨ Megiddo

✨ President ✨
Staff member
May 15, 2016
Havij Tutorial

-On this tutorial I will be teaching you, how to simply use Havij
-Remember this is for education porpuse only
-No images were used on this TuT

-So let's start by opening Havij.

-Once you open it, it should have a place to add your "Target: ________________" and a "Analyze" Button.

-Now its time to search for a target, for that use your "bestfriend"....GOOGLE (google dorks)
Here's a example:


-Copy it, and search it on GOOGLE

-Imagine that your target looks like this: www.*snip*.com/index.php?id=341

-To check if it is vulnerable to SQL injection just add a quote on the end of the url, like this:www.*snip*.com/index.php?id=341'

-If it is, you probably are going to see a SQL error message or something on the website will dissapear.

-OK, now its time to go back to Havij.

-On Havij just place your target without the quote, TARGET: www.*snip*.com/index.php?id=341 , and Press ANALYZE

-If it works properly, on the lower part of the software you will get Columns, then Click to get Tables and for there on...

-Once thats done, search for the Users/Admins and Passwords.

-If you find it, its time to get the "admin login PAGE"

-For that just click on "Find Admin" and paste the website without the index,etc, like this: www.*snip*.com

-Let's imagine that mine is: www.*snip*.com/Admin_Login.php

-Just Login with the Admin username and Password that you get from the data.

-And now you'r in!

-Get as much data as you can.

But Remember this is for education porpuse only.

If you have any question, feel free to ask it on the comments
Top Bottom