[TUTORIAL] How to make your own ''DORKS''

  • На форуме работает ручное одобрение пользователей. Это значит, что, если Ваша причина регистрации не соответствует тематике форума, а также Вы используете временную почту, Ваша учётная запись будет отклонена без возможности повторной регистрации. В дальнейшем - пожизненная блокировка обоих аккаунтов за создание мультиаккаунта.
  • Мы обновили Tor зеркало до v3!
    Для входа используйте следующий url: darkv3nw2...bzad.onion/
  • Мы вновь вернули telegram чат форуму, вступайте, общайтесь, задавайте любые вопросы как администрации, так и пользователям!
    Ссылка: https://t.me/chat_dark_time

hack-anonim

Пользователь

hack-anonim

Пользователь
24 Окт 2015
572
316
The Tutorial This guys the Hello will of to help you to the get Your own '' Dorks ''
A simple method to make your own DORKS.


What you need:


BRAIN 25ea8b5ab0e0f30dcf419c8cde134aa1.png

Time 4753d696ed12801f7a9f34023c19f269.png

PC 453362cdef0056fbb334e2992227ae22.png

A method of finding websites vulnerable to SQL injection is using what we call "dorks"


Dorks: They are like search criteria in which a search engine returns results related to your dork. The process can be a little time consuming, but the outcome will be worth it after learning on how to use dorks.


Basic Formula of dork,

CODE:

"inurl:."domain"/"dorks" "

So you would normally understand it like this:

"inurl" = input URL

"domain" = your desired domain ex. .gov

"dorks" = your dork of your choice


Do you really think inurl: is the only google dork that you can use? Wrong there are many you can use!


You can use following words instead of inurl :

intitle:

inurl:

intext:

define:

site:

phonebook:

maps:

book:

froogle:

info:

movie:

All these also help yo find other things then vulnerables.

Anyway now I am going to explain you how to use some for finding vulnerability in websites.

1: intitle:

You can use the intitle to find anything in the title of the website. Which also could be usefull to find downloads or anything else.

intitle:rte/file_uploud

This is an example to find rte vulnerables.

2: inurl:

The inurl basicly looks for anything after the : in the site urls.

inurl:index.php?id=

3: intext:

you can find literally everything using intext, you could even use the inurl dorks whit this.

intext:"powered by mybb"

Using it we could find certain messages in a site. Above message looks for all mybb forums. Which means if I ever find a vulnerability in mybb forum and know how to locate it! then I can find out every mybb forum vulnerability using this dork.

4: define:

Google will define this massage and will look for what had this error for example,

define:"sql syntax error"

5: site:
Obvious, when we will use it, google will looks for a site .
site:iphone
Google will look for any site related with iphone.


6: phonebook:
It will look for the phone number related to it given name.
phonebook:wildhacker


7: maps:
Google will look on google maps for your search.


8: book:
Google has an online library store. If you want to find interesting books use this dork.
book:java language
This will look for any book gogole hase indexed whith java language in it.


9: froogle:
Used for froogle search instead of google.


10: info:

google looks for anything you inputted but only information about string which you have puted next to info: .
info:firefox
Above dork will show you alot off things about firefox like what is firefox etc.


11: movie:
You can find information about movies on google using this dork.
movie:watch hackers2 online


12: weather:
You can find information about weather on google using this dork.
weather: 21/12/2011 london


13: related:
This will look for anything related to what you have entered next to related:
related:egg
Google responds whith sites about chickons laying eggs.


14: link:
This one will works better instead of only looking in search url, it will also look in the site for urls that possibly are vulnerable.
link:index.php?id=
This is verry usefull I would say even more then inurl.


Vulnerability Approach:
Once you search website using above dorks, now its time to check whether the website is vulnerable to SQL injection or not, we simply put in a quote " ' " at the end of the url address.
 
  • Лайк
Reactions: nikak

О нас

  • Наше сообщество существует уже много лет и гордится тем, что предлагает непредвзятое, критическое обсуждение различных тем среди людей разных слоев общества. Мы работаем каждый день, чтобы убедиться, что наше сообщество является одним из лучших.

    Dark-Time 2015 - 2024

    При поддержке: XenForo.Info

Быстрая навигация

Меню пользователя