SQL Injection (SQLI) Part-1
I hope you all enjoyed my previous article on Email spoofing, if not you'll can go to my profile and check it.
My this article totally different from previous one. In this article i'll be teaching how to find vulnerable websites for SQL injection.
SQL injection is a code injection technique, used to attack data-driven applications. The SQL Injection attack allows external users to read details from the database, so attackers can dump whole website database and find admin username/password details.
Note: Unfortunately we CANNOT SQLi attack on all websites. The websites need a SQLi vulnerability in order to do this technique.
Website URL need a parameter like php?id=4 / php?id=any number to inject.
For example: http://www.example.com/products.php?id=5 www.example.com/products.php?id=5 <= This type of website is needed in order to do this trick
Here you can find http://pastebin.com/Tdvi8vgK 7000 google dork lists
Note: These dorks will search out other countries websites Too, if you like to do this to Pakistan based websites ADD site:.pk at the end of the dork for example: about.php?cartID= site:.pk
Once you find a website, then you can check for SQLi vulnerability.
Put an ' (Apostrophe) at the end of the URL Parameter.
Google Dorks
Learn more about
Click here
 |
| SQL-Injection-Finding-Vulnerable-Websites |
I hope you all enjoyed my previous article on Email spoofing, if not you'll can go to my profile and check it.
My this article totally different from previous one. In this article i'll be teaching how to find vulnerable websites for SQL injection.
SQL injection is a code injection technique, used to attack data-driven applications. The SQL Injection attack allows external users to read details from the database, so attackers can dump whole website database and find admin username/password details.
Note: Unfortunately we CANNOT SQLi attack on all websites. The websites need a SQLi vulnerability in order to do this technique.
Website URL need a parameter like php?id=4 / php?id=any number to inject.
For example: http://www.example.com/products.php?id=5 www.example.com/products.php?id=5 <= This type of website is needed in order to do this trick
Here you can find http://pastebin.com/Tdvi8vgK 7000 google dork lists
Note: These dorks will search out other countries websites Too, if you like to do this to Pakistan based websites ADD site:.pk at the end of the dork for example: about.php?cartID= site:.pk
Once you find a website, then you can check for SQLi vulnerability.
Put an ' (Apostrophe) at the end of the URL Parameter.
700+ Do Follow High PR Forums Sites List
Google Dorks
Learn more about
Click here
Comments
Post a Comment
আপনার ভালো কমেন্টের জন্য লেখক কে আরো সুন্দর পোস্ট লিখতে অনুপ্রেরণা যোগাবে।