Dear Readers: HWS has recently started a new project for the students of engineering ====> The Engineering Projects


Write at HWS !!!

Guest Posting

Sunday, May 23, 2010

Hack websites using Auto SQL I Helper


In the recent posts we have seen the hacking of a site using manual SQL injection,which is essential to know the basics of SQL.Now we are going to check advanced SQL INJECTION.


At the begening "SQLIHelperV.2.7" is a tool that will hack vulnerable websites using SQL injection. You don't have to spend hours and hours trying to find your way in a website and trying hundreds of combinations and codes to hack a website.
This tool will do it all by itself. You only have to tell her what do and where to look.


Lets start.
first you need to find the potential website that you think it might be possible to hack it. Remember that some websites are simply unhackable.


After you find your website ( better to end with "article.php?id=[number]" ) example: "http://encycl.anthropology.ru/article.php?id=1";




Check if your website can be hacked by trying to go this address :
http://www.domain.com/article.php?id=&amp;amp;#39;1 <------ notice the ' before the number 1.


you should get this message:


Query failedYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1 ORDER BY lastname' at line 1 SELECT * FROM person_old WHERE id=\'1 ORDER BY lastname


This mean that this website can be hacked because you get an error.


Now open your SQL I Helper V.2.7
and write the link :
http://www.domain.com/article.php?id=1 <---- without the '


and press the inject button.


Now you should wait until the tool finish searching for columns . Time may vary depending on your connection speed , your pc speed , and the number of columns in the website.


Make sure that the website support union otherwise the injection won't work.


Now select any element from the "database name" box and press the "Get tables" button ,


then select any element from the "table name" box and press the "Get columns" button


then select any elements you want from the "columns name" box and press "Dump Now"


After clicking "Dump Now" , u will see some hashes


Now copy the hash on a peace of paper and go to this website:


http://www.md5crack.com/


enter the hash and press the button "Crack that hash baby!" and you should get the source of the hash.

About the Author

I am XEO Hacker, the founder of Hack With Style (HWS). I am blogging since 2009 before that I just search things and now I am sharing my knowledge through this plateform.I'm also a freelance writer on topics related to Website Hacking,Website Optimization (SEO), blogger customizations and making money online.
In 61 people's circles

Subscribe To Get FREE Tutorials!


Respected Readers:
As a 21 year old student, the only income I rely on is my pocket money. Bearing the running costs of HWS Blog has become really difficult. We educate thousands of bloggers a week with our tutorials. To help us go forward with the same spirit, a small contribution from your side will highly be appreciated.

0 comments:

Confused? Feel free to ask

Your feedback is always appreciated. I will try to reply to your queries as soon as time allows.
Note:-
Please do not spam Spam comments will be deleted immediately upon my review.

Regards,
XEO Hacker

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 

Recent Posts

Join Me On Facebook

700+ Followers

Followers


meet women in Ukraine contatore visite website counter
DMCA.com

Recent Comments

Follow Me On Twitter

1112+ Followers