Havij Tutorial

✨ Megiddo

✨ President ✨
Staff member
Joined
May 15, 2016
Messages
13,781
Likes
2,643
Points
1,730
Havij Tutorial


-On this tutorial I will be teaching you, how to simply use Havij
-Remember this is for education porpuse only
-No images were used on this TuT



-So let's start by opening Havij.

-Once you open it, it should have a place to add your "Target: ________________" and a "Analyze" Button.

-Now its time to search for a target, for that use your "bestfriend"....GOOGLE (google dorks)
Here's a example:
- Code: SELECT ALL

inurl:index.php?id:


-Copy it, and search it on GOOGLE


-Imagine that your target looks like this: www.*snip*.com/index.php?id=341


-To check if it is vulnerable to SQL injection just add a quote on the end of the url, like this:www.*snip*.com/index.php?id=341'


-If it is, you probably are going to see a SQL error message or something on the website will dissapear.


-OK, now its time to go back to Havij.


-On Havij just place your target without the quote, TARGET: www.*snip*.com/index.php?id=341 , and Press ANALYZE


-If it works properly, on the lower part of the software you will get Columns, then Click to get Tables and for there on...


-Once thats done, search for the Users/Admins and Passwords.


-If you find it, its time to get the "admin login PAGE"


-For that just click on "Find Admin" and paste the website without the index,etc, like this: www.*snip*.com


-Let's imagine that mine is: www.*snip*.com/Admin_Login.php


-Just Login with the Admin username and Password that you get from the data.


-And now you'r in!


-Get as much data as you can.


But Remember this is for education porpuse only.


If you have any question, feel free to ask it on the comments
 
Top Bottom