hack-anonim
Пользователь
hack-anonim
Пользователь
- 24 Окт 2015
- 572
- 316
The Tutorial This guys the Hello will of to help you to the get Your own '' Dorks ''
A simple method to make your own DORKS.
What you need:
A simple method to make your own DORKS.
What you need:
BRAIN
Time
PC
A method of finding websites vulnerable to SQL injection is using what we call "dorks"
Dorks: They are like search criteria in which a search engine returns results related to your dork. The process can be a little time consuming, but the outcome will be worth it after learning on how to use dorks.
Basic Formula of dork,
CODE:
"inurl:."domain"/"dorks" "
So you would normally understand it like this:
"inurl" = input URL
"domain" = your desired domain ex. .gov
"dorks" = your dork of your choice
Do you really think inurl: is the only google dork that you can use? Wrong there are many you can use!
You can use following words instead of inurl :
intitle:
inurl:
intext:
define:
site:
phonebook:
maps:
book:
froogle:
info:
movie:
All these also help yo find other things then vulnerables.
Anyway now I am going to explain you how to use some for finding vulnerability in websites.
1: intitle:
You can use the intitle to find anything in the title of the website. Which also could be usefull to find downloads or anything else.
intitle:rte/file_uploud
This is an example to find rte vulnerables.
2: inurl:
The inurl basicly looks for anything after the : in the site urls.
inurl:index.php?id=
3: intext:
you can find literally everything using intext, you could even use the inurl dorks whit this.
intext:"powered by mybb"
Using it we could find certain messages in a site. Above message looks for all mybb forums. Which means if I ever find a vulnerability in mybb forum and know how to locate it! then I can find out every mybb forum vulnerability using this dork.
4: define:
Google will define this massage and will look for what had this error for example,
define:"sql syntax error"
5: site:
Obvious, when we will use it, google will looks for a site .
site:iphone
Google will look for any site related with iphone.
6: phonebook:
It will look for the phone number related to it given name.
phonebook:wildhacker
7: maps:
Google will look on google maps for your search.
8: book:
Google has an online library store. If you want to find interesting books use this dork.
book:java language
This will look for any book gogole hase indexed whith java language in it.
9: froogle:
Used for froogle search instead of google.
10: info:
google looks for anything you inputted but only information about string which you have puted next to info: .
info:firefox
Above dork will show you alot off things about firefox like what is firefox etc.
11: movie:
You can find information about movies on google using this dork.
movie:watch hackers2 online
12: weather:
You can find information about weather on google using this dork.
weather: 21/12/2011 london
13: related:
This will look for anything related to what you have entered next to related:
related:egg
Google responds whith sites about chickons laying eggs.
14: link:
This one will works better instead of only looking in search url, it will also look in the site for urls that possibly are vulnerable.
link:index.php?id=
This is verry usefull I would say even more then inurl.
Vulnerability Approach:
Once you search website using above dorks, now its time to check whether the website is vulnerable to SQL injection or not, we simply put in a quote " ' " at the end of the url address.