Posted on 20 Comments

SQL injection with Havij : Step by step guide.

NOTE : This is strictly for educative purposes.

 

Havij is an automated SQL injection tool. To say in the own words of its creators,

” Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software, user can perform back-end database fingerprinting, retrieve DBMS login names and password hashes, dump tables and columns, fetch data from the database, execute SQL statements against the server, and even access the underlying file system and execute operating system shell commands. ”

It is available both in free and commercial versions. Today we are going to see how to dump the contents of a database using Havij. For this I am going to use the free version. First download Havij from here and install it. Then open it and enter the vulnerable page url in the target column ( for this tut I am using my own vulnerable webpage ).

havij1

 

Set the database option to ‘auto detect‘ and hit analyse. This should show you the current database name as shown below.

havij2

 

Click on the “info” tab. This will show you information about the victim’s system. We can see information like Host IP address, web server version etc.

havij3

 

Click on the “Tables” tab.

havij4

 

Click on “Get DBs” option. This will list all the databases as shown below.

havij5

 

To get tables in a specific database, select the database and click on Get Tables”. This will list all the tables present in the selected database. I selected database “shunya” here.

havij6

 

We can see that there is on table ‘users’ in our database ‘shunya’ .To get columns , select the table ‘ users’ and click on “Get Columns”.

havij7

 

Thia will list all the columns in the table. We can see that we have five columns in the table ‘users’.all the columns. It’s time to dump the values of columns. Select the columns whose data we want to dump and click on Get data”. Here I selected all the columns.

havij8

 

We got all the data including usernames and passwords. But passwords seem to be encrypted. No problem. Click on the password hashes and copy them. Then click on MD5″ tab and paste the password. Click on “Start”. Havij automatically decrypts the password for us. Decrypt all passwords in the similar manner.

havij9

 

Click on “Find admin”. This option finds the admin  page of the website automatically. When it finds the admin page, you can try the username and passwords to get access to the website. Hope this was helpful.

havij10

 

Here’s a video version of this howto.

 

20 thoughts on “SQL injection with Havij : Step by step guide.

  1. Nice Effort
    But I would say it is better to do it manually
    so that you know what is happening behind

  2. I totally agree with your opinion, my friend.

  3. please i need a real site to download the HAVIJ SQL INJECTOR that is password free

    1. @kayle, a link is provided in the forums for this.

  4. the site here is not working with my windows10 and others i got via google research all are encrypted and with passwords and without loader in the software……

    1. @kayle kayler, the alternative download link for the tool is provided in the forums section of this website.

  5. hey friend i want to know what if site is built with other than asp or php
    i am not able pass parameters . url is like http://www.sitename.com/username
    in this case how it will work

    1. @Mahesh, this tool doesn’t depend on the language used by the website. Maybe the site isn’t vulnerable.

  6. the address i saw there was not helpful, pls i need an address that will help me get the file downloaded pls

  7. thnx for the step by step guide and havij
    searched everywhere for it finally got it

    1. @Charles, Happy it helped you

    2. hello Charles
      i also have problems finding the setup. can u please upload and share the link.
      my email is yusuf_dy57@yahoo.com.

      thanks

  8. i found database as well as tables but as i try to get columns nothing happens.Help

    1. rRohit, Did you try a different table?

  9. I found a few vulnerble sites.. ik can see the database.. when i click get tables i can see the tables, but when i select a few boxes and click “get colums” not hing is happening. On al sites i try i have this problem.. whats the reisonderdelen bevind this?

    1. @Rgccevo, I hope you have prior permission to test these sites. Coming to your problem, first make sure that table has some columns. If that tsble has columns, what actually is the program saying.

  10. Will i be arrested if I hack website using havij

    1. Dear Viruz, not only Havij, if you use any hacking tool on a website or network without their prior permission, its called malicious hacking and is a punishable offence. Laws vary for nation to nation but I think imprisonment is common in all nations. My sincere suggestion to you will be not to try out any hacking on sites which you have no permission.

  11. how to this ( /about.php?id=1 )
    of other sites.

    1. This is only possible if the site is vulnerable to sql injection. First make sure if the site is vulnerable

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.