Searching for SQL injection flaws with Havij

Havij is an automated SQL injection tool that penetration testers use to find and exploit SQL injection vulnerabilities on a website in order to protect it.

Using this software, users can retrieve DBMS users, passwords, tables and columns, and even execute commands on the operating system.





What sets Havij apart from other similar tools is its injection methods. The SQL injection success rate is higher than 95%.
To use this tool, it is better to know how SQL injection works.

To begin, download Havij and run its installation.

After launch, the tool presents a window like the picture below:


In "Target", put the address of your target (with a SQL flaw), for example:

www.target.com/index.php?id=<the value of the id>

Then click "Analyze".

Wait until the "Status" becomes "I'm IDLE". After that, you can recover all tables in the database of the site by clicking on "Tables" and then "get tables".
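The kind of flaw a scanner reports on an `id` parameter, shown from the server side next to its fix. This is an added example, not part of the original post or of Havij; the Python handlers, the `articles` table and the SQLite backend are assumptions made for illustration.

```python
import sqlite3


def make_db():
    """Constructed in-memory database standing in for the site's backend."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO articles VALUES (1, 'Welcome'), (2, 'Draft, unpublished');
    """)
    return db


def get_article_vulnerable(db, raw_id):
    # Flawed: the id value is pasted into the SQL text, so the database
    # parses whatever the client sent as part of the statement.
    query = "SELECT title FROM articles WHERE id = " + raw_id
    return [row[0] for row in db.execute(query)]


def get_article_hardened(db, raw_id):
    # 1. Validate: the parameter must be a plain ASCII decimal integer.
    if not (raw_id.isascii() and raw_id.isdigit()):
        raise ValueError("id must be a non-negative integer")
    # 2. Bind: the value is sent separately from the SQL text, so it can
    #    only ever be compared as data, never parsed as syntax.
    rows = db.execute("SELECT title FROM articles WHERE id = ?", (int(raw_id),))
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    tampered = "1 OR 1=1"  # constructed sample of a tampered id value
    print("vulnerable, id=1       :", get_article_vulnerable(db, "1"))
    print("vulnerable, tampered id:", get_article_vulnerable(db, tampered))
    print("hardened,   id=1       :", get_article_hardened(db, "1"))
    try:
        get_article_hardened(db, tampered)
    except ValueError as exc:
        print("hardened,   tampered id: rejected,", exc)
```

A handler written like the hardened one gives an analysis of the `id` parameter nothing to work with, because the response no longer depends on SQL syntax in the input.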

And to understand the usefulness of Havij, I present a very useful video I found on YouTube.


