Hi Friends in this Tutorial i will Tell you How to Hack Web Sites With Sql Injection tool, there are large amount of sql vulnerable sites available.

Google Dorks: Google dorks are specifically query's that can reveal all the information about the specific website. I am giving you some Google dorks which you can use for finding the website vulnerable to sql injection.

    addToCart.php?idProduct=

    addtomylist.php?ProdId=

    add-to-cart.php?ID=

    adminEditProductFields.php?intProdID=

    advSearch_h.php?idCategory=

    affiliate.php?ID=

    affiliate-agreement.cfm?storeid=

    affiliates.php?id=

    ancillary.php?ID=

    archive.php?id=

    article.php?id=

    phpx?PageID

    basket.php?id=

    Book.php?bookID=

    book_list.php?bookid=

    book_view.php?bookid=

    BookDetails.php?ID=

Finding target:

1) Now just paste any one of the query in Google search box you will get a lot of websites.

2) Now open any of the website so you will get the link like this.
    www.example/index.php?id=12 or any number

3) We have to just add a single quote (') at the end of link so it will become some thing like this.
    www.example.com/index.php?id=12'

4) Look closely at the page before adding single quote (') and after adding single quote (') . If the some element of the page is missing then Bingo!!! you have found a vulnerable website. Now we can start our sql injection. And if the page remains the same or show's error like page not found then it is not vulnerable and you should move to another website. 

Now we have our target ready so what are you waiting for just attack.

1) First of all download Havij 1.15 

                                           Download Havij

2) Now extract it and run it. It will look some thing like this.

3) Now paste your target in the highlighted box. And click analyze.

4) Let it analyze your target for some time. and then you will see something like this.

5) Now click on "Tables" tab. You will see something like this.

6) Now click on "Get DBs" ( Make sure you have tick-marked on the first option, let it be anything ). Now wait for about a minute you will some thing like this.

7) Now tick-mark both the option's. And click on "Get Tables". And wait for some 2-3 minutes. You will get a lot of information from this. It'll look something like this.

8) Now search something sensitive like admin, users, login, passwords, and many more. Tick-mark them and click on "Get Columns". You will see something like this.

9) Now there you have user_id, password, user_name. Now tick-mark them and select "Get Data". You will see something like this.

10) Now find admin panel. And login using the user_id and password found.

Short for Internet Protocol, IP is an address of a computer or other network device on a network using IP or TCP/IP. For example, the number "166.70.10.23" is an example of such an address. These addresses are similar to an addresses used on a house and is what allows data to reach the appropriate destination on a network and the Internet.

There are five classes of available IP ranges: Class A, Class B, Class C, Class D and Class E, while only A, B, and C are commonly used. Each class allows for a range of valid IP addresses. Below is a listing of these addresses.

Class	Address Range	Supports
Class A	1.0.0.1 to 126.255.255.254	Supports 16 million hosts on each of 127 networks.
Class B	128.1.0.1 to 191.255.255.254	Supports 65,000 hosts on each of 16,000 networks.
Class C	192.0.1.1 to 223.255.254.254	Supports 254 hosts on each of 2 million networks.
Class D	224.0.0.0 to 239.255.255.255	Reserved for multicast groups.
Class E	240.0.0.0 to 254.255.255.254	Reserved for future use, or Research and Development Purposes.

Ranges 127.x.x.x are reserved for the loopback or localhost, for example, 127.0.0.1 is the common loopback address. Range 255.255.255.255 broadcasts to all hosts on the local network.

IP address breakdown

Every IP address is broke down into four sets of octets that break down into binary to represent the actual IP address. The below table is an example of the IP 255.255.255.255. If you are new to binary, we highly recommend reading our binary and hexadecimal conversions section to get a better understanding of what we're doing in the below charts.

IP:	255	255	255	255
Binary value:	11111111	11111111	11111111	11111111
Octet value:	8	8	8	8

If we were to break down the IP "166.70.10.23", you would get the below value. In the below table, the first row is the IP address, the second row is the binary values, and the third row shows how the binary value equals the section of the IP address.

166	70	10	23
10100110	01000110	00001010	00010111
128+32+4+2=166	64+4+2=70	8+2=10	16+4+2+1=23

Automatically assigned addresses

There are several IP addresses that are automatically assigned when you setup a home network. These default addresses are what allow your computer and other network devices to communicate and broadcast information over your network. Below is the most commonly assigned network addresses in a home network.

192.168.1.0	0 is the automatically assigned network address.
192.168.1.1	1 is the commonly used address used as the gateway.
192.168.1.2	2 is also a commonly used address used for a gateway.
192.168.1.3 - 254	Addresses beyond 3 are assigned to computers and devices on the network.
192.168.1.255	255 is automatically assigned on most networks as the broadcast address.

If you have ever connected to your home network, you should be familiar with the gateway address or 192.168.1.1, which is the address you use to connect to your home network router and change its settings.

Getting an IP address

By default the router you use will assign each of your computers their own IP address, often using NAT to forward the data coming from those computers to outside networks such as the Internet. If you need to register an IP address that can be seen on the Internet, you must register through InterNIC or use a web host that can assign you addresses.

Anyone who connects to the Internet is assigned an IP address by their Internet Service Provider (ISP) who has registered a range of IP addresses. For example, lets assume your ISP is given 100 addresses, 109.145.93.150-250. This means the ISP owns addresses 109.145.93.150 to 109.145.93.250 and is able to assign any address in that range to its customers. So, all these addresses belong to your ISP address until they are assigned to a customers computer. In the case of a dial-up connection, you are given a new IP address each time you dial into your ISP. With most broadband Internet service providers because you are always connected to the Internet your address rarely changes and will remain the same until the service provider requires it to be changed.

What is Ethical hacking?

Ethical hacking is the process of hacking the information that is considered to be confidential. The information through the ethical hacking does not remain secret at all. The ethical hacking process is also known as the intrusion testing, penetration testing or red teaming. However the ethical hacking also gives s professional certification to the certified ethical hacker where the hacking of the computer system or some other devices takes place. This service had been made available to the people by the international council of e-commerce consultants.

Moreover for the ethical hacking the user has to be an ethical hacker which is somehow the name that is given to the person and for this the person must be a penetration tester. The ethical hacker is responsible for the performance of different activities. The main role that had been allotted to the ethical hacker is that he is the person who is mainly working for an organization or the organization hires the ethical hacker for the purpose of penetrating the information from different networks or systems. The organization trusts the ethical hacker as he is responsible for providing different services to the firm.

The ethical hacking service is very much similar to that of the hacking and the ethical hacker is also working in the same way as the hacker is working for different purposes. The ethical hacker is the person who is found to be a computer expert and at the same time he is also responsible for the working of the networking systems as well. He is the person who works on behalf of the members of the organization. At times the hacking service that is being provided by the hacker can also be dangerous for the firm and hence it can exploit the systems of the company