begood Posted May 29, 2010

We are really liking this tool. For with this tool, you can almost go back to your “point and shoot” days! Havij is a free tool, programmed in Visual Basic, that will automate SQL injections for you! In fact, just to test it out, we tried this on an installation of DVWA and it got us what we wanted!

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. All you need to know is a bit of SQL injection and you are done. You just need to click a button and wait till it finds an exploitable SQL query. Not only that, you can also fingerprint the back-end database, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements and even access the underlying file system and execute commands on the operating system. Of course most of that is after you have a successful exploit. Not only that, it supports a wide array of databases – MsSQL, MySQL, MSAccess and Oracle! You could also choose to evade IDS detection by simple pre-configured tricks of this tool. You can also try to brute force your way to find the admin directory and yes it does support proxies too!

This is how Havij looks:
[Image: Havij screenshot]

These are the current functions that Havij supports as of now:

- Supported databases with injection methods:
  a. MsSQL 2000/2005 with error
  b. MsSQL 2000/2005 no error (union based)
  c. MySQL (union based)
  d. MySQL Blind
  e. MySQL error based
  f. Oracle (union based)
  g. MsAccess (union based)
- Automatic database detection
- Automatic type detection (string or integer)
- Automatic keyword detection (finding difference between the positive and negative response)
- Trying different injection syntaxes
- Proxy support
- Real time result
- Options for replacing space by /**/,+,… against IDS or filters
- Avoid using strings (magic_quotes similar filters bypass)
- Bypassing illegal union
- Fully customizable HTTP headers (like referer and user agent)
- Load cookie from site for authentication
- Guessing tables and columns in mysql<5 (also in blind) and MsAccess
- Fast getting tables and columns for mysql
- Multi thread Admin page finder
- Multi thread Online MD5 cracker
- Getting DBMS information
- Getting tables, columns and data
- Command execution (mssql only)
- Reading system files (mysql only)
- Insert/update/delete data

As we have already said previously that this is a tool in Visual Basic, this will run only on Windows. Installation is pretty much simple too. We noticed something peculiar about this tool. It installs – columns.txt, admins.txt and tables.txt. Call them the databases of Havij. You are free to add your stuff to these files. Just take care where you add those things.

Download Havij version 1.10 here.
Havij: A Advanced SQL Injection Tool! - PenTestIT
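
On the defender's side, the space substitutions listed above (`/**/` and `+`) only get past signatures that match the raw request text. The sketch below is an added example, not part of the original post or of Havij: it normalizes query strings before matching union-based patterns and also flags one client stepping through `limit N,1` offsets. The log format, sample lines, names and threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, unquote_plus

INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)            # /**/ used in place of a space
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+)?select\b")
LIMIT_STEP = re.compile(r"\blimit\s+(\d+)\s*,\s*1\b")
MIN_OFFSETS = 3  # assumed threshold: distinct LIMIT offsets seen from one client

# Constructed sample lines in a simplified 'ip "METHOD url PROTO" status' format.
SAMPLE_LOG = [
    '203.0.113.7 "GET /item.php?id=1+union+select+1,2,3 HTTP/1.1" 200',
    '203.0.113.7 "GET /item.php?id=1/**/UNION/**/ALL/**/SELECT/**/1,2,3 HTTP/1.1" 200',
    '198.51.100.4 "GET /search.php?q=trade+union+news HTTP/1.1" 200',
] + [
    '203.0.113.9 "GET /item.php?id=1+union+select+c+from+t+limit+%d,1 HTTP/1.1" 200' % n
    for n in (12, 13, 14)
]

def normalize(query):
    """Decode the query and turn +, %20 and /**/ back into single spaces."""
    decoded = unquote_plus(query).lower()
    return re.sub(r"\s+", " ", INLINE_COMMENT.sub(" ", decoded))

def scan(log_lines):
    """Return {client_ip: set of finding names} for the given log lines."""
    findings = defaultdict(set)
    offsets = defaultdict(set)
    for line in log_lines:
        ip, _, rest = line.partition(" ")
        request = re.search(r'"[A-Z]+ (\S+)', rest)
        if not request:
            continue
        raw = urlsplit(request.group(1)).query
        norm = normalize(raw)
        if UNION_SELECT.search(norm):
            findings[ip].add("union_select")
            # The comment-as-space form is itself a sign of filter evasion.
            if INLINE_COMMENT.search(unquote_plus(raw)):
                findings[ip].add("comment_as_space")
        step = LIMIT_STEP.search(norm)
        if step:
            offsets[ip].add(int(step.group(1)))
    for ip, seen in offsets.items():
        if len(seen) >= MIN_OFFSETS:
            findings[ip].add("limit_enumeration")
    return dict(findings)

if __name__ == "__main__":
    for client, names in scan(SAMPLE_LOG).items():
        print(client, sorted(names))
```

Matching on the normalized string is what keeps the `/**/` variant from slipping past; a plain keyword match like this will still fire on benign text that happens to contain "union select", so treat hits as leads to review.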

Bebe1911 Posted May 29, 2010

On: Pretty good.. but you're better off doing it "by hand".
Off: It has been posted before, only this is a different version.

strike Posted June 2, 2010

But still, what does this program do?
After you read SQL injection - Wikipedia, the free encyclopedia, you'll understand.

Naaraxi Posted June 5, 2010 (edited)

> On: Pretty good.. but you're better off doing it "by hand"

Less work, you can concentrate on other things while this is working.
Does it support lists of URLs [possibly with parameters for each]?

Edited June 5, 2010 by Naaraxi

Flubber Posted June 5, 2010

> [...] Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. All you need to know is a bit of SQL injection and you are done. You just need to click a button and wait till it finds an exploitable SQL query.

They would have done better to say "Havij is an automated SQL Injection tool that helps kinders to find and exploit SQL Injection vulnerabilities on a web page.", the same situation in which a skiddie clicks once and does a deface. All these programs should have an anti-kinders put on them. Why should people sit and read about what is happening and so on, when they can press the magic button and the world blows up!

Has anyone tested it, is it useful for critical situations when there is no time and something has to be done fast? I, for one, see them as good for that; I'm not going to sit all day doing limit 12,1 13,1 14,1 for a "dork" to get a shell...

Naaraxi Posted June 5, 2010

The Auto Detect thing for the Keyword doesn't really work.
The settings are not saved, you have to set them every time.
It doesn't support lists of URLs.
Otherwise, it's useful in the sense Flubber mentioned.
If you're in a hurry, trying other ways of getting in as well, etc., the program tries various methods automatically.
Still, I don't think it's a good idea to rely on it.
There's a chance it finds nothing, whereas manually you might find something.