Tuesday 26 March 2013

How to hack Website using Havij


* What is Website Database ?

                

                     The Website Database is a collection of Information like Images, Login ID's, Password, Company Data, etc. That is all stored in a Server Database so that it can be easily acessed, managed and updated. In one view, databases can be classified according to types of content :- Bibilographic, full-text, numeric, and Images.


* What is Havij ?
                                    Havij Pro is an advanced Vulnerability Exploiter, that can Exploit SQL Injection Vulnerability in Website and and get accessed into website database.

                     

* How to hack Website using Havij ?

{Note:- This is for Educational Purpose only}


* Requirements :
  • Havij Pro
  • Vulnerable website
  • Brain


* How to Perform Hacking using Havij ?


  1. Search for Vulnerable Website.
  2. Enter Website URL into Target box and Analyze it.

  3. After Analyzing it you can see that, It will find Database name, Tables and Columns :-

  4. And now, We got Database name and Tables, Let's find out Columns and Data of Users, Password etc.
    Now after getting Database name, you can see that "Tables" button is activated and we can read Tables
    Just click on "Tables" and you will get table like this :-
  5. Getting Tables of Database :-

  6. Here, we are Successfully in finding database Table, now it's time to find Database Row and Columns, So now click on Get DBs.

  7. DBs will load all Database to Program and it can be easily access-able. Now again click on Get Tables.

  8. Huh !! Finally we got up 'users' table, Now select users and click on 'Get Columns' and you will see this :-


  9. After Getting Columns and all.. Finally Click on 'Get Data' and you will get all login ID and Mdp_user
    as Shown in the Image :-

  10. So, here we got up Website Admin login_user ID and mdp_user. Now finally crack mdp_user Code and decode it.... to get password :-

  11. Now, it's time to Enter into Website using this Two Admin login ID and Password.

  12. To get the Admin page Click on 'Find Admin' and click on start to Analyze the admin page :-

  13. Got up :D, Now go to that URL of admin and Login with ID and password you got from Database :D
    We Hacked into website that's it Done

  14. You  got Admin Seat and Enjoy,Play  with Website :D
at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)