Automated SQL Injection

 

Havij Download – Advanced Automated SQL Injection Tool →  link

How can get target site parameter

php?id=site:https://www.target.site.com 

We will get this 

https://www.target.site.com/php?id=4

https://www.target.site.com/php?id=10

Dork : php?id=site:in  || php?id=site:pk

Use of Havij to do SQLi

1. Go to target and load target sites like http://www.target.site.com/php?id=10 [without https]  + press start button

 2.  If database find it then show the icon open Table

 2.  Click on table → select on database → press on GetDBs

3. Select the following table as marked in the pic → press Get Table

4. Select few of them and press on get column

5. Select few of them and press on get data

Database → table → column→ data 

Live site link

---

http://www.abramis.co.uk/books/bookdetails.php?id=184549714