When you are called upon by law enforcement based on your expertise to hack into a network of a business known to be launching crimes against humanity as its primary mission for operation and capital gain thank them for givinging you the oportunity to do the job make sure you sign the necesarry documentation, protecting you from all laibility and legalities associated with the job. Now structure how you want to get you information through reconnaissance,Scanning Enumeration then Attacking and Post attacking if possible fall back attacks.
In my research from the book Network Security, Firewalls, and VPNs the process will start of by exploring discovery and information gathering phase also know as footprinting or reconnaissance. this will be your pre-attack phase to learn more about the target before the first actual attack. this can be done online and offline. Be carefull not to tip off the the target that its being investigated. through archieves.org you will find alot of information on the companies older versions of their web sites, analyse search engine contents, review current Web site, do some investigatative background of the employees, Map out the location of the company, analyse job postings. be on the look out for leaks of information online, newspaper and magazine articles, frequent blogs, newsgroups,chat and forums that are visited by the company and staff, Audit financial records or review public filings, review pubic records and other court cases. Query who personels are, domain registeration, and public IP assignments, listen in on emails and other forms of communications, find out what softwares they use and finally visit the pysical location and check out what the pysical security situation is?
Once you have created a structured and meaningful file about the target you can proceed to scanning the of the target. Scanning is a process of confirming all the info you have learned about you subject and finding out new details. during scanning you will have to find live andactive systems. You will will have to employ the war dailing, war driving, ping sweeps and port scanning.
War dailing is an old tactict use to located all active modems which answered on telephone systems. during reconnaissance all phone numbers collected or within the specific area code of the location mapping will be automatically dailed using a computer hooked to a modem fo find other modems in the area.
War driving is a method of finding wireless network with the aid of a wireless device. you will want to drive around the traget business or just get into the lobby and see what networks you might find.
Then a ping sweep will be preformed to find which network will respond to Internet Control Messaging Protocol(ICMP) echo request. In this proccess a network mapping utility or ping command sends ICMP echo request to all possible reciepients within an IP address range or subnet. All up and running networks will send ICMP echo response back validating a working IP address.
Now to do a port scan which not alone will let us know the open, closed or filtered ports on the network but will also help find already known and determine the existance of a system at a specific IP address.
With the reconnaissance it generally secretive, silent and unobstructive where as with scanning you become very noticable on the network due to the number of scans performed to find open ports of various IP addresses, it is advicable to do alot aof scans to find multiple access points.
Enumeration which has to be performed before attack. In this phase OS identification is performed by probing the open and closed ports of the target networks. A multiple of softwares can be uses to perform this task. Zenmap will be employed for this case because is gives you a GUI interface of your analysis and shows you all open and closed ports as well as the OS it runs the best part of it all is it has a cross platform capabitity. which makes it very ideal not to mention its free to download. this phase provides found potential attack points. the national vulnerability database will have to be evaluated find mre avenues of exposure. time to collect exploit tools and prepare to wage the attack.
Attacking the business should be swift and fast based on all the collected data. Once a vulnerability is tested and it fails be quick to abandon it refere to the enumeration data and then re-luanch a new attack. Since the aim is to go in for MSQL data the software preference will be Havij Hacking Software which can be used to download the database and retrieve the administrator password for later exploits.
"Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page.
It can take advantage of a vulnerable web application. By using this software user can perform back-end database fingerprint, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system." http://hackinvasion.blogspot.com/2013/01/hacking-website-with-havij.html#! Hacking website with Havij Hack Ethically
If this attack is succesful, the next stage will be the post attack phase. however if the attack fails we will have to to go back to the reconnaissance the enumeration phase to develop a new approch to attack.
During the post attack phase keystroke loggers can be dumped in the system to steal administrator or system access and even trojan horses to activate at a later time send access codes to base for later log-in into the system.
Once in and out the clean-up will have to start to clean all traces or evidence of entry into the system. If this is done successfully the system can be considered owned. the Fall back attack will be the alternate plans incase the initial actions does not go as planed, social engineering will be the next cause of action, "Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.
A social engineer runs what used to be called a "con game." For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network's security. Social engineers often rely on the natural helpfulness of people as well as on their weaknesses. They might, for example, call the authorized employee with some kind of urgent problem that requires immediate network access. Appeal to vanity, appeal to authority, appeal to greed, and old-fashioned eavesdropping are other typical social engineering techniques." social engineering http://searchsecurity.techtarget.com/definition/social-engineering

A detailed log of all activities should be kept and a final document prepared, to be presented for the investigation commitee to access at the end of the assignment. This i find will be helpfull as a point of reference for both parties to establish an ethical hacking agreement.