However, creativity is your best tool when it comes to finding vulnerable sites, and after practicing with some google dorks, you will be able to create your own. For example, the l33tmir website has a list of hundreds of google dorks. Many websites offer a comprehensive list of google dorks.
For that, we need to know which words in the url make a website potentially vulnerable to a SQL injection attack. Now basically what a dork does is uses Google's "inurl" command to return websites which have a specific set of vulnerable words in url. Basically it helps you to find websites with a specific code in their url which you know is a sign of vulnerability.Ī more specific definition could be "Advanced Google searches used to find security loopholes on websites and allow hackers to break in to or disrupt the site." (from 1337mir) the most common method of searching is by using dorks.ĭorks are an input query into a search engine (Google) which attempt to find websites with the given text provided in the dork itself. The first step is obviously finding a vulnerable website. If you need to get a big picture of what a SQL injection attack actually does, take a look at this tutorial on Basics Of SQL Injection. You can easily carry it out from Windows machine on any normal browser. This is one of the few tuts on this blog for which you don't need Kali Linux. In this post we will hack a website and obtain its data using SQL injection attack. Hacking Websites Using SQL Injection Manually
0 kommentar(er)
