SQL injection (SQLi) is a very Popular Method for website Hacking, you can do it manually or use automated sql injection Tools, To find SQL vulnerable website You can use google dorks.
Searching vulnerable Websites for Hacking
Searching vulnerable website is pretty easy, put a dork and select website from search results, for faster use you may use any exploit canner
read DNS hijacking tutorial Here
Attacking A Target website on Shared Hosting
Again its very easy, for example you have to hack examplesite.com and its Hosted on 192.168.13.5 , if examplesite.com is not vulnerable for hacking then Goto www.bing.com and put dork to find vulnerable website on same server,
for example ip:192.168.13.5 id=
if you got shell on same server then you can acess examplesite.com with WHM/ Reseller, Cpanel Cracking and Symlink,
Attacking The web Applicationhttp://www.devilscafe.in/search/label/web%20Application%20Security
A Method to Gain acess on websites in attacking web Application, to Search web application Vulnerabilities follow the method given above
you can shell web application with thier exploits, find some wordpress,joomla and other web app exploits here
Got Admin acess, now what ?
Once you Got admin acess, upload the shell ! download shells from here, if you don't have any
Uploaded shell, Now what ?
Now Take down you Target,you can either root the server or crack cpanels
or do mass symlink on server
(Cpanel Cracker, Symlink Shell, How to Root server)
once you got acess to website's database use mysql connect in table
and read admin password in tables, you can remotly chnage password for joomla and wordpress
(How to upload shell on Joomla, How to Gain admin acess on wordpress websites (shared server), How to Upload shell on wordpress)
now you have acess on server, do whatever you want ~!
(download awesome deface Pages)
Its really simple ?
Yeah, Thats why most Hackers Hack/deface/root or whatever they do to website !