TheKingUnderTheHill Posted April 29, 2012

Hey, just got Havij (pro edition), been playing around but making no real progress. Looked at a few tutorials online, but none of them actually tell me in detail how to use the program. Such as an example of what type of URL to put in: I know it's got to be .php etc., but what about the ?id=51 part, is this necessary? If anyone can explain to me how you are supposed to use the program, any help would be greatly appreciated, cheers!

digip Posted April 30, 2012

> Hey, just got Havij (pro edition), been playing around but making no real progress. Looked at a few tutorials online, but none of them actually tell me in detail how to use the program. Such as an example of what type of URL to put in: I know it's got to be .php etc., but what about the ?id=51 part, is this necessary? If anyone can explain to me how you are supposed to use the program, any help would be greatly appreciated, cheers!

If it's SQL injection, then yes, the ID=## part is where it tests the injection. Learn to do it manually on a vulnerable script/website first. Never heard of this tool, and more than likely you could be infecting your own machine trying to run stuff you know nothing about. Also, do this on your own systems, in a virtual lab. Attacking random websites to try to learn about this is not only illegal, it could land you in jail. If you attack a site that isn't vulnerable, you could set off all kinds of alerts to the sys admin and they could turn over all your info to law enforcement.

Edited April 30, 2012 by digip

Radau Posted April 30, 2012

Exactly this ^ If you run off doing this on people's websites you will most likely get caught. I had a friend back in freshman year that got caught just by running a portscan and arrested, imagine what doing this without having authorization could lead to.

digip Posted April 30, 2012

I ended up finding the app by r3dm0ve, on itsec something or other. Unpacked the inno setup file and sent it to virustotal. Would be careful running it: it had like 20-some hits and most said hack tool, but some said trojan as well.

digininja Posted April 30, 2012

Just curious, when you bought it did you send over all the PI that they wanted to see? There is no way I'd send a copy of my passport and other info like that to a random hacker group. If you didn't buy it then I've been told that most of the pirate versions around are fully loaded with all sorts of nastiness, beware!

Mr. Pickles Posted April 30, 2012

Yes, you can try a blind injection: Settings > (click on the blue link "User Agents") > select %Inject_Here%, hit apply, and then you will be able to attempt a blind injection ^^ Everyone gets their panties bunched up in a knot over Havij. Don't get me wrong, it's always good to know how to do it the manual way too, but Havij is an awesome tool. Have fun man!

digip Posted April 30, 2012

> Yes, you can try a blind injection: Settings > (click on the blue link "User Agents") > select %Inject_Here%, hit apply, and then you will be able to attempt a blind injection ^^ Everyone gets their panties bunched up in a knot over Havij. Don't get me wrong, it's always good to know how to do it the manual way too, but Havij is an awesome tool. Have fun man!

There are other tools out there he could use too, that are well known and don't have the notion of malware attached, but my concern for him was using software that could have infected his system in the process. Boot up BackTrack, there are tools on there to do what he asks if he really wants to do it, although what he does is on him. That goes without saying.

> If you didn't buy it then I've been told that most of the pirate versions around are fully loaded with all sorts of nastiness, beware!

He didn't say it was pirated or cracked, but if it was, that's a good point. I would be even more cautious if it was.

digininja Posted April 30, 2012

That is why I asked if he had bought it first. I don't know anyone who is willing to give over the personal information they are asking for to buy it.

TheKingUnderTheHill Posted April 30, 2012

Ah, well it is quite a commonly known tool in many of the other forums I trawl, and the download link that I used came up clean on Virustotal, my own scan, and was verified by many people (some that I know personally) from the link where I got it. I also didn't hand over any personal information, nor am I trying this on any unauthorized sites; a friend has set one up for us to play about on, but couldn't get it to work. Other than that, thanks for the feedback, it's very helpful. I'll boil it down for anyone else reading the thread who wants to know more.

- The page must have "?id=#" at the end.
- Put a single quote ' on the end of the link, if it returns an SQL error, the site is vulnerable
- Then use Havij to find User and Pass tables
- Crack MD5 hashes
- Done

Also curious about how to do this in BT. I've played about with the SQLi tool on there, but could anyone point me in the direction of a decent tutorial?

Edited April 30, 2012 by TheKingUnderTheHill

digip Posted April 30, 2012

Joe McCray has done a lot of talks on the subject, and many of the anonymous sites that have tuts on it copy almost verbatim the talks and slides he's written. http://bit.ly/JNJnBn I think if you understand the manual way of entering it through a browser, you will be able to figure out Havij or other tools much easier. I have a text doc around here somewhere too, but you can easily search pastebin for sqli cheat sheet(s), there are numerous.

Edited April 30, 2012 by digip