Havij Instructional exercise
-On this instructional exercise I will show you, how to utilize Havij just
-Recollect this is for schooling porpuse as it were
-No pictures were utilized on this TuT
-So how about we start by opening Havij.
-When you open it, it ought to have a spot to add your "Target: ________________" and a "Examine" Button.
-Presently it is the right time to look for an objective, for that utilization your "bestfriend"....GOOGLE (google numskulls)
Here is a model:
- Code: SELECT ALL
inurl:index.php?id:
-Duplicate it, and search it on GOOGLE
-Envision that your objective seems to be this: www.*snip*.com/index.php?id=341
-To check in the event that it is defenseless against SQL infusion simply add a statement on the finish of the url, as this:www.*snip*.com/index.php?id=341'
-In the event that it is, you presumably will see a SQL mistake message or something on the site will dissapear.
-Alright, presently it is the ideal time to return to Havij.
-On Havij simply place your objective without the statement, TARGET: www.*snip*.com/index.php?id=341 , and Press Investigate
-In the event that it works appropriately, on the lower part of the product you will get Segments, then, at that point, Snap to get Tables and for there on...
-Once that is finished, look for the Clients/Administrators and Passwords.
-In the event that you track down it, now is the ideal time to get the "administrator login PAGE"
-For that simply click on "Track down Administrator" and glue the site without the index,etc, similar to this: www.*snip*.com
-How about we envision that mine is: www.*snip*.com/Admin_Login.php
-Only Login with the Administrator username and Secret key that you get from the information.
-Furthermore, presently you'r in!
-Get as much information as possible.
However, Recollect this is for instruction porpuse as it were.
On the off chance that you have any inquiry, go ahead and ask it on the remarks