SQL injection attack _automated_ by Anil016

SQL INJECTION ATTACK USING SQLI HELPER
1.   STEP 1
Start SQLI Helper. If you are unable to find the executable file of SQLI Helper, then
you probably need to pause the protection of your antivirus if you are using one. It may
be the case that Windows Defender considers this software a malicious program. So
please either exclude this program from antivirus and/or Windows Defender scanning
or switch off your antivirus; otherwise you won't be able to see the executable file of
SQLI Helper.

2.   STEP 2
Now we need to search for SQL injectable/vulnerable links over the internet.
Google can be the best place for this. The biggest question is how to identify whether
a link is vulnerable. First, list all the possible links which may or may not be
vulnerable. To do this, Google "inurl:.php?id=" without the double quotes. You can use
anything in place of "id"; other possibilities are catid, sid, cid, addid, addname etc. You
will get all the links which contain ".php?id=" in their URL. One example of such a link is
given below:
              http://encycl.anthropology.ru/article.php?id=1
Now, to identify whether this link is vulnerable or not, put one single quote on the
rightmost side of the URL as shown below:
              http://encycl.anthropology.ru/article.php?id=1'
If you get some error on the page, or some data is missing on that page, then this
page is vulnerable and we can attack this website using an SQL injection attack. The
reason why this method works is that by putting a single quote at the end of the URL,
we have unbalanced the SQL query running on the backend of the page. This happens
only because of the poor knowledge of the web developer. Here the developer did not filter
the single quote (') from the input taken through the GET method.

3.   STEP 3
We have now identified the vulnerable link. We need to launch the SQL injection attack
on that link. Just copy and paste that link into the target text field of SQLI Helper.

4.   STEP 4
In this step we will launch the real attack. Click on the Inject button as shown in the figure
below.


This will start attacking the website. It will show you the current operation in the
bottom window. After finishing the first phase of the attack, it will ask you to get the
database names.

5.   STEP 5
You will see the data filled in the top left box of this tool. This will show you the current
information gathered by the first phase of the attack. See the figure below.




6.   STEP 6
Now click on the Get Database button to get database names. This phase will fill the
database name window with the names of the databases that the website is using. See the
figure below.




7.   STEP 7
Select the database on which you want to launch the attack. After selecting the database,
click on the Get Tables button to get the table names of the selected database. After
successful completion of this phase, the table name box will be filled with all the table
names found. See the figure below.




8.   STEP 8
Select the table which seems useful to you. After selecting the table, click on the Get
Columns button to get the column names. This will start filling the column name box
with the column names found. See the figure below.




9.   STEP 9
Select the column names in which you are interested. You can select multiple column
names at a time. Now, to get their values, click on the Dump Now button to get the table
data. This will show you the values stored in that table under those columns. Suppose we
need the username and password from some admin table: select both username and
password together and click on Dump Now, and you will see the admin id and admin
password. See the figure below.




10. STEP 10
Enjoy the admin credentials you have just got and use them wisely.




The values obtained are actually hashes, and hence you have to crack these hashes
to get the user login and password to hack the website. For this, go to
http://www.md5crack.com/ and crack the hash using the "Crack that hash baby" button.
Thus, you are now able to hack the website, as you have got the website user id and password.
Once you get the admin password, you can easily hack the website.
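
The cause described in Step 2, seen from the developer's side: an added example, not part of the original document, showing why a stray quote produces the error and how a validated, bound parameter removes it. Python's sqlite3 stands in for the site's PHP backend; the table, data and function names are assumptions constructed for illustration.

```python
import re
import sqlite3


def make_db():
    # Constructed sample data standing in for the site's article table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO articles VALUES (?, ?)",
                   [(1, "First article"), (2, "Second article")])
    return db


def get_article_concatenated(db, raw_id):
    """'Before': the GET value is pasted straight into the SQL text."""
    sql = "SELECT title FROM articles WHERE id = " + raw_id
    try:
        row = db.execute(sql).fetchone()
        return ("ok", row[0] if row else None)
    except sqlite3.Error as exc:
        # The unbalanced quote becomes a syntax error in the query itself;
        # this is the error or missing data that Step 2 treats as the signal.
        return ("sql_error", str(exc))


def get_article_parameterized(db, raw_id):
    """'After': check the expected type, then bind the value as data."""
    if not re.fullmatch(r"[0-9]{1,10}", raw_id):
        return ("rejected", None)  # answer with HTTP 400, no SQL is run
    row = db.execute("SELECT title FROM articles WHERE id = ?",
                     (int(raw_id),)).fetchone()
    return ("ok", row[0] if row else None)


if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1'"):
        print(repr(value), "concatenated ->", get_article_concatenated(db, value))
        print(repr(value), "parameterized ->", get_article_parameterized(db, value))
```

Binding the value, rather than filtering quote characters out of it, is what keeps the input from ever being parsed as SQL.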



