Trick for Advanced SQL Injection : Havij

hy frnds .once again...Befor I give you a complete layout of how to do Advanced Sql injection on vulnerable website I recommend you to that this post is only for educational purpose..
Well to make the Sql injection easier for you I would be using a tool Havij.Its has both a free version and and a paid version.In this tutorial I will be demonstrating how to use the free version of Havij.The success rate for this tool is more then 94% on the vulnerable website.
It is automated tool for SQL injection for penetration testers to check whether a website is vulnerable to SQL injection or not.All you need to do is to enter the URL of the site that you want to test for the vulnerability and click on ANALYZE button.It will automatically scan the website for Sql Injection.
Below Is the Download link For Havij
CLICK HERE TO DOWNLOAD HAVIJ
Here Are the Features of Havij

Supported Databases with injection methods:
a. MsSQL 2000/2005 with error
b. MsSQL 2000/2005 no error (union based)
c. MySQL (union based)
d. MySQL Blind
e. MySQL error based
f. Oracle (union based)
g. MsAccess (union based)

Automatic database detection

Automatic type detection (string or integer)

Automatic keyword detection (finding difference between the positive and negative response)

Trying different injection syntaxes

Proxy support

Real time result

Options for replacing space by /**/,+,… against IDS or filters

Avoid using strings (magic_quotes similar filters bypass)

Bypassing illegal union

Full customizable http headers (like referer and user agent)

Load cookie from site for authentication

Guessing tables and columns in mysql<5 (also in blind) and MsAccess

Fast getting tables and columns for mysql

Multi thread Admin page finder

Multi thread Online MD5 cracker

Getting DBMS Informations

Getting tables, columns and data

Command executation (mssql only)

Reading system files (mysql only)

Insert/update/delete data

What Havij can do for you ?
By using this software user can perform back-end database fingerprint, retrieve DBMS users and  password hashes, dump tables and columns, fetching data from the database, running SQL  statements and even accessing the underlying file system and executing commands on the  operating system.

How to Find A vulnerable website
Go to google homepage and search for inurl:php?id=
You will get probably thousands of result.Now open any page and add a apostrophe ( ‘ )to the end of the url.Example if the Url was http://www.mytargetsite.com/php?id=34 it should be now http://www.mytargetsite.com/php?id=34’
If you get a SQL syntax error then this website can be vulnerable to SQL injection.Now you should use Havij on this URL.I'm Pasting some of the sites here but some of them u have to convert it into sql server,like i have done above..
Some Sql PHP are:-  http://www.sdpd.org.pk/news_de?tail.php?ID=82

http://pakhumanitarianforum.co?m.pk/modules/cjaycontent/index?.php?id=146

http://www.nwfpuet.edu.pk/view?news.php?id=209
http://www.unapakistan.org.pk/?newsdetail.php?id=41
http://www.beaconhouse.edu.pk/?bssgroup/cms_main.php?id=7
http://www.neduet.edu.pk/webma?g/articles.php?id=1

NOTE:This tutorial is for only educational and testing purposes.In some countries SQL injection is an offence.