Havij is an automated SQL injection tool that allows penetration testers to find and identify SQL vulnerabilities in a database in order to protect themselves.
Using this software, a user can retrieve database users, passwords, tables and columns, and even run remote linux commands on the host server's operating system.
The power of Havij makes it different from other hacker tools are its injection methods. The success rate of an SQL injection is greater than 95%.
To begin, download the havij tool and launch the installation. After launching the tool a window looks like the image below:
Then in Target, put the address of your target (having a SQL fault ) example:
www.cible.com/index.php?id=the value of the id
Then click Analyze .
Wait until the Status returns to I'm IDLE . After you can recover all the tables of the database of the site by clicking Tables then get tables .
And to fully understand the usefulness of havij , I present you a very useful video that I found on YouTube.
Commentaires
Enregistrer un commentaire