Havji
Havji is a SQL injection tool. But is has more great skills like finding Admin panel, cracking hash ..
You can use it instead of the ordinary way of SQL injection.
Its especially for beginners a uselful programm
Ok now I will show you how to use it.
1) download it
http://itsecteam.com/en/projects/project1.htm
2) install it
3) Put the website name in the empty line and click analyze
4) now go to tables. Now click "Get Tables"
5) now search those tables in which there are words like "username, password, members, admin" or something like that.
6) now click on get data and you will see the results
7) Ok lets find Admin panel now. click on Admin pannel and copy the url into it. It will search the login pannel by itself.
8) If you got the password in md5 format encode it with md5 cracker in havji.
9) Now you only need to open Admin panel and login.
Upload your shell and deface
No comments:
Post a Comment