Hi, It's been years since SQL Vulnerability is found. Everyone know how to use it but I wanted to write about SQL Injection too. There was no illustrated post about Sql Injection so.. let's get start
I find our target website manually with dorks
We found a beautiful website, high scored on alexa. It is a website about football, let's open havij.
enter the target website url in target part.
and click Analyze
If there is a vulnerable website, Havij enables the attacker to analyze the site, bring back the DB name, tables names and the actual data.
Click on the Tables tab.
Click on Get DBs option.
This will list all the databases. We need to find Admin , User , Administrator and
Click on the Get Tables tab.
We need to get the data so click on the "Admin" or "User","Password" We can find the admin panel with "Find Admin" tab, it is trying 410 page, it finds the admin page of the website automatically.
source: https://www.turkhackteam.org/web-se...sil-yararlaniriz-sql-injection-herorahim.html
Translator: dRose98
I find our target website manually with dorks
Kod:
inurl:about.php?id=
We found a beautiful website, high scored on alexa. It is a website about football, let's open havij.
enter the target website url in target part.
and click Analyze
If there is a vulnerable website, Havij enables the attacker to analyze the site, bring back the DB name, tables names and the actual data.
Click on the Tables tab.
Click on Get DBs option.
This will list all the databases. We need to find Admin , User , Administrator and
Click on the Get Tables tab.
We need to get the data so click on the "Admin" or "User","Password" We can find the admin panel with "Find Admin" tab, it is trying 410 page, it finds the admin page of the website automatically.
source: https://www.turkhackteam.org/web-se...sil-yararlaniriz-sql-injection-herorahim.html
Translator: dRose98