In my previous posts I Explained how you can do a manual SQL Injection to extract rows and columns containing passwords and other use full data .If you were confused or find it difficult you can use Havij - Automated SQL Injection Tool
What is Havij ?
Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system. The power of Havij that makes it different from similar tools is its injection methods. The success rate is more than 95% at injection vulnerable targets using Havij. The user friendly GUI (Graphical User Interface) of Havij and automated settings and detections makes it easy to use for everyone even amateur users.
1. First a fall you need Havij .To Download Havij Follow the Link: http://www.ziddu.com/download/13363236/havijsqlinjectiontool.rar.html
2. To Get the password Follow the Link: http://www.ziddu.com/download/12526506/hackaholicpassword.rar.html
3. Now open Havij and enter the vulnerable site and click Analyze
5. Now click Get tables
6. Now select important columns such as user name ,password , email etc and
Click Get data
7 .If the passwords are crypted you can use the in built md5 hash decrypter or refer my post on Basics of password cracking.