Dorks:They are like search criteria in which a search engine returns results related to your dork.
The process can be a little time consuming, but the outcome will be worth it after learning on how to use dorks
For this tutorial, the search engine we'll be using is Google
Credits to those who are mentioned in this tutorial
Now I'll show you how to use dorks with the help of a video too.
Step1: Finding your dorks i.e. the criteria you'll be using
Dork List compiled by kobez-
Code:
http://pastebin.com/0FqmasC7Dork List by Sidesipe-
Code:
http://pastebin.com/x1rtqktjDork List by .Newsletter'
Code:
http://pastebin.com/APxqavu9For this tutorial, we'll be using this dork "inurl:index.php?id="
Step2: Making use of your Dorks with the help of Google
Here's what you do:
- Go to http://www.google.com
- Type the dork in the search bar "inurl:index.php?id=" (with or without quotes)
- Now you'll find a whole lot of links in your results
Here's how you can speed up your process:
In your mouse, there should be a scroll button right?
Hover your mouse on each link and hit the scroll button so that it'll open on a new tab. (Lets say you can open about 10 links at a time)
Step3: Vulnerability approach
Now to see whether the website is vulnerable to SQL injection or not, we simply put in a quote " ' " at the end of the url address.
So our site will look like this
Code:
http://www.site.com/index.php?id=123'Do the same thing with the websites you opened on your tabs and see if there's any vulnerable website.
To determine if a website is vulnerable or not, it should return an error!
Note: If you can't find any vulnerability after doing some vulnerability search on this dork, you can always browse the dork list I've mentioned above and use any of them until you find any website vulnerable to SQL injection
0 (mga) komento:
Mag-post ng isang Komento