Tuesday 18 June 2013

SQL Injection Tutorial ( Havij SQL Injector )

SQL injection is one of the most common and most widely used methods of hacking a website nowadays. SQL (Structured Query Language) is a language used to communicate with the database of a website. SQL injection is a technique used by a hacker to insert SQL code into a website in order to get sensitive information from the database, such as usernames and passwords.
Manual SQL injection is quite hard for newbies to understand, so I have decided to publish this post, in which we will use a tool called "Havij" to carry out our SQL injection attack!


Havij supports the following databases:

  • MySQL
  • MySQL error based
  • MySQL Blind
  • MsSQL 
  • MsSQL error based
  • MsSQL Blind
  • Ms Access
  • Ms Access Blind
  • Oracle
  • Oracle error based
  • PostgreSQL
  • Sybase ( ASE )
  • Sybase ( ASE ) Blind


Okay, now for this tutorial we will be using a vulnerable website I found recently. Well, let's get started already!!

Finding The Vulnerable Site:

To find a site vulnerable to SQL injection, just add a single quote ( ' ) after the URL of the website.
Example: http://www.vulnerablesite.com/index.php?id=12'
If the website loads normally, remains the same or shows a 404 error, that means the website is not vulnerable to SQL injection. However, if the website shows an error related to the database or SQL, that means the website is vulnerable to SQL injection.
Or you can use a Google dork to find vulnerable sites.

The Attack:

Let's say now you found a vulnerable site and you want to hack it!

Now I will show you, step by step, the process of SQL injection.

Step1: Find the SQL injection vulnerability in the site and insert its string (like http://www.target.com/index.asp?id=123) into Havij as shown below.

Step3: Now click on the Analyse button as shown below.

Now, if the server is vulnerable, the information about the target and the columns will appear, as shown in the picture below:

Step4: Now click on the Tables button and then click the Get Tables button from the column below, as shown below:

Step5: Now select the tables with sensitive information and click the Get Columns button. After that, select the Username and Password columns to get the username and password, and click on the Get Table button.

Countermeasures: 

Here are some of the countermeasures you can take to reduce the risk of SQL injection:

1. Renaming the admin page will make it difficult for a hacker to locate it.

3. Use an intrusion detection system and compose signatures for popular SQL injection strings.

4. One of the best methods to protect your website against SQL injection attacks is to disallow special characters in the admin form. This will make your passwords more vulnerable to brute-force attacks, but you can implement a CAPTCHA to prevent these types of attack.
