First Find a sqli infected site .
Now Let's start
Open havij and copy and paste infected link in to the "target".
now set every thing as auto detect because it is easy for a soft to detect which method should be applied ... after doing the same click "analyze"
after clicking analyzing this will automatically detect the infected link and injects the best method which is suitable for given link...
one thing more havij has good that it automatically finds everything just you need to be stay cool n calm and wait for a while...
after clicking "analyze" this will start seaching the database type,name,version bla bla .....
Then It shows some messages there....Be alert on it and be show patience for sometime to find it's vulernable and type of injection and if db server is mysql and it will find database name.Then after get it's database is name like xxxx_xxxx
Then Move to another operation to find tables by clicking "tables" as figure shown.Now click "Get tables" Then wait some time if needed....
After founded the tables ,you can see there will be "users" Put mark on it and click in the " get columns " ....
after user's there should be user names and passwords In that Just put mark username and password and click "Get data"....
Bingo Got now id and pass that may be admin...
The pass will get as md5 you can crack it also using this tool.....
mostly the paswords hashes are in md5 but if it is not in md5 dont get tense there are many online sites which automatically detects the hash n cracks :D :D
and in the last you need to find the admin page to "login"..... sometime its easy to find but some times its very difficult but havij can also find admin page by clicking on "find admin"......
when you get loged in do what you want :D :D
thanks for reading :D happy hacking :D