Home / Ethical Hacking / Hacking websites : How to hack websites By using SQL Injection

Hacking websites : How to hack websites By using SQL Injection

DISCLAIMER: THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY . IF ANY ONE MISUSED IT I AM NOT RESPONSIBLE FOR THAT.

SQLI Helper to hack website

Today i am GOing to Describe What the SQL Injection IS and How It will Going to help in Hacking the Websites..
I was Asked By Warious Users To Write A Turotial About
HOW TO HACK THE WEBSITES?
Today I am Going to Discuss the Easiest Way to hack the Websites i.e SQL Injection Techniques.
We Will Use The Software SQLI Helper to Perform This. I have provided link for software download… just read on.
 


How to hack website using SQLI Helper:

SQLI Helper is handy software to hack website. You don’t need to have any knowledge of SQL to hack website using SQLI Helper. Just follow the guidelines below:

1. Free DownLoad SQLI Helper to hack website.

Password: techotips.blogspot.com

2. Unzip the file to obtain SQLI Helper to hack website.

3. Now, when you have website hacking software, you need to find website with potential vulnerability. There are some websites that are unhackable. While finding hackable websites, it is better to search for sites with format “article.php?id=[number]” in url.

Lets consider one example which I will use in this article:

http://encycl.anthropology.ru/article.php?id=1

Check whether your searched victim site can be hacked by entering:

http://encycl.anthropology.ru/article.php?id=’1

in address bar and hit enter. You will get error message like:

Query failed.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ”1 ORDER BY lastname’ at line 1 SELECT * FROM person_old WHERE id=’1 ORDER BY lastname

If you get such error message, it is confirmed that you can hack website using this method and now you can move forward to hack website.

4. Run SQLI Helper on your Computer.
SQLI Helper to hack website
5. In target field, enter http://encycl.anthropology.ru/article.php?id=1 (the website url you just discovered as hackable) and hit on “Inject”.6. SQLI Helper will search for columns and you will have something like this:

Website hacking software
7. Hit on “Get Database” to get:
Hacking website down
8. Select any element from “Database Name” and click on “Get Tables”.
9. Now, select element from table and hit on “Get Columns”. I have selected “user” to get userid and password required for login.
10. Now, when you know “user” table has columns “usr_login” and “usr_pass”, select them and hit on “Dump Now”.
11. You will get values like these:
password hashes cracked
12. The values achieved are actually in hash and hence you have to crack these hashes to get userlogin and password to hack website. For this, go tohttp://www.md5crack.com/ and crack the hash using “Crack that hash baby” button. Thus, you are now able to hack website as you have got website user id and password. Once, you get admin password, you can easily hack website.
Thus friends, now, I hope you know how to hack website using SQL Helper. Note that using this method you cannot hack every website. SQL Helper will help you to hack website in easy way. If you have any problem in usingSQL Helper to hack website,please mention it in comments.Enjoy SQL Helper to hack website…

DON’T FORGET TO SAY THANKS !

 

About Lokesh Singh

Hello Friends, i am Lokesh Singh, certified Ethical hacker ( CEH, SSA, CSIF , CISSP). Have 8+ years of extensive experience in Ethical Hacking, Cyber Security and Penetration Testing domain.

Check Also

camera-hacking

How to Watch Security Cameras on the Internet

How to Watch Security Cameras on the Internet : Camera hacking is not very new …

26 comments

  1. Great post. I was checking continuously this blog and I am impressed!

    Extremely helpful information specially the last part :
    ) I care for such info much. I was looking for this certain info for a
    long time. Thank you and good luck.

  2. pls help me here is my e mail address kup7502003@yahoo.com pls i want to know how to hack for credit card?

  3. i can download the sql injection pls help me

  4. “Object reference not set to an instance of an object.” whts this means ?

  5. noob check the time when its get posted …. Its Auguest 2009 post… i.e This post was so old when u havn’t even started hacking…
    Rofl I am ur Dad in Hacking… I never leeched any article from any website…. I write my articles based on my experience and practicals not just by listening noobs….

Have any Suggestions? Compliments? Why not comment then?