Archive for the ‘Google hacking’ Category

Once you have learned about SQL injection methods, you may want to practise them. The problem is where to find a vulnerable website for testing.

white hacker

The easiest way to find one is a “Google dork”, or what we call the “Google hacking database” (http://www.exploit-db.com/google-dorks/).

Anybody can manually search via Google dorks and find vulnerable sites, but the Sql Poizon tool makes this simpler by automating the dork search. It includes many dorks in different categories. Let’s see how this works:

1. Download the latest version of Sql Poizon – it is freeware.

sql poizon

2. Select any dork you need and click on Scan. Here you can select the maximum number of sites and the country.

select a dork

3. The result pane lists site URLs matching your dork. To verify the URLs, right-click one URL and select “Send to Sqli Crawler” – All.

send to sqli crawler

4. The URLs are forwarded to Sqli Crawler for validation. It uses a simple SQL check: it appends a single apostrophe to the end of the URL and checks the error code returned. Click on Crawl to validate.

crawler

5. After each link is verified, a sign appears in front of it. Sites marked with a check-mark symbol or a yellow bulb symbol are mostly not vulnerable, but links marked with a red cross symbol are likely to be vulnerable to SQL attacks.

vulnerable sites

Now you can test these uncommon sites with your own methods, but only for educational purposes.
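The crawler check in step 4 leaves a trace in web server logs. As an added example, not part of the original post or of the Sql Poizon tool, this Python script scans constructed access-log lines for a query parameter whose value ends in a single apostrophe and raises the severity when the server answered with a 5xx error, which is the signal the crawler looks for.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?id=12 HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2023:13:55:37 +0000] "GET /index.php?id=12' HTTP/1.1" 500 312 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /article.php?ID=7%27 HTTP/1.1" 500 298 "-" "Python-urllib/3.9"
198.51.100.7 - - [10/Oct/2023:13:56:02 +0000] "GET /buy.php?category=books HTTP/1.1" 200 8801 "-" "Python-urllib/3.9"
192.0.2.9 - - [10/Oct/2023:13:57:10 +0000] "GET /about.html HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method, request target and status code of a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line):
    """Return the named fields of one log line, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def apostrophe_probe(target):
    """Return (param, value) for the first query parameter whose decoded value
    ends with a single quote (the probe the crawler sends), or None."""
    for key, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if value.endswith("'"):
            return key, value
    return None


def detect_probes(log_text):
    """One finding per probe line. A 5xx response is rated high, because an
    error on the quoted request is exactly what the crawler treats as a hit."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if not entry:
            continue
        hit = apostrophe_probe(entry["target"])
        if hit:
            param, value = hit
            findings.append({
                "ip": entry["ip"],
                "path": urlsplit(entry["target"]).path,
                "param": param,
                "status": int(entry["status"]),
                "severity": "high" if entry["status"].startswith("5") else "low",
            })
    return findings


if __name__ == "__main__":
    for f in detect_probes(SAMPLE_LOG):
        print(f)
```

Because parse_qsl decodes percent-encoding, the literal `'` and the encoded `%27` variants are caught by the same check.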

Google Hacking

Do you know how to find vulnerable sites for ethical hacking?

Just use google dorks – http://googledork.com/ .

Google dork is the place where you find tips for advanced Google searching. Especially for injections and XSS, query modifiers are the best way to search.

Some simple dork tips:

allinurl:

If you start a query with [allinurl:], Google will restrict the results to those with all of the query words in the url. For instance, [allinurl: google search] will return only documents that have both “google” and “search” in the url.

Note that [allinurl:] works on words, not url components. In particular, it ignores punctuation. Thus, [allinurl: foo/bar] will restrict the results to pages with the words “foo” and “bar” in the url, but won’t require that they be separated by a slash within that url, that they be adjacent, or that they be in that particular word order. There is currently no way to enforce these constraints.

inurl:

If you include [inurl: ] in your query, Google will restrict the results to documents containing that word in the url. For instance, [inurl:google search] will return documents that mention the word “google” in their url, and mention the word “search” anywhere in the document (url or no). Note there can be no space between the “inurl:” and the following word.

Putting “inurl:” in front of every word in your query is equivalent to putting “allinurl:” at the front of your query: [inurl:google inurl:search] is the same as [allinurl: google search].

Let’s find some sites which may be vulnerable to SQL injection:

inurl:index.php?id=

inurl:trainers.php?id=

inurl:article.php?ID=

inurl:buy.php?category=

Found any vulnerable site…?? Then “park at your own risk”.