Well to make the Sql injection easier for you I would be using a tool Havji.Its has both
a free version and a paid version.In this tutorial I will be demonstrating how to use the
free version of Havji.The success rate for this tool is more then 95% on the vulnerable
Website.
It is automated tool for SQL injection for penetration testers to check whether a website is
vulnerable to SQL injection or not.All you need to do is to enter thr URL of the site that you
want to test for the vulnerability and click on ANALYZE button.It will automatically scan the
website for Sql Injection.
Download from here
How to find A vulnerable Website
Go to google homepage and search for inurl:php?id=
You will get probably thousands of result.Now open any page and add a apostrophe(*)to the
end of the url.Example if the Url was http://www.mytargetsite.com/php?id=34 it should be
now http://www.mytargetsite.com/php?id=34'.
If u get a SQL syntax error then this website can be vulnerable to SQL injection.
Now you should use havji on this URL.
a free version and a paid version.In this tutorial I will be demonstrating how to use the
free version of Havji.The success rate for this tool is more then 95% on the vulnerable
Website.
It is automated tool for SQL injection for penetration testers to check whether a website is
vulnerable to SQL injection or not.All you need to do is to enter thr URL of the site that you
want to test for the vulnerability and click on ANALYZE button.It will automatically scan the
website for Sql Injection.
Download from here
How to find A vulnerable Website
Go to google homepage and search for inurl:php?id=
You will get probably thousands of result.Now open any page and add a apostrophe(*)to the
end of the url.Example if the Url was http://www.mytargetsite.com/php?id=34 it should be
now http://www.mytargetsite.com/php?id=34'.
If u get a SQL syntax error then this website can be vulnerable to SQL injection.
Now you should use havji on this URL.
0 comments: