Website Hacking : Creating Your Own Google Dorks And Find Vulnerability In Website

In previous article on website hacking you discussed about How To Find Vulnerability In Specific Websites With Specific Domains. In that I have explained about how to find Vulnerability in specific domains like .Gov etc. Today in this tutorial i will explain how to create your own dorks, Advanced dorks!!!!

Yet I have explained following tutorials about Website Hacking

 

Website Hacking

A method of finding websites vulnerable to SQL injection is using what we call “dorks”

Dorks : They are like search criteria in which a search engine returns results related to your dork. The process can be a little time consuming, but the outcome will be worth it after learning on how to use dorks.

Basic Formula of dork,

“inurl:.”domain”/”dorks” “

So you would normally understand it like this:
“inurl”      =  input URL
“domain” =  your desired domain ex. .gov
“dorks”    =  your dork of your choice

Do you really think inurl: is the only google dork that you can use? Wrong there are many you can use!

You can use following words instead of inurl :

intitle:
inurl:
intext:
define:
site:
phonebook:
maps:
book:
froogle:
info:
movie:
weather:
related:
link:

All these also help yo find other things then vulnerables.

Anyway now I am going to explain you how to use some for finding vulnerability in websites.

1: intitle:

You can use the intitle to find anything in the title of the website. Which also could be usefull to find downloads or anything else.

intitle:rte/file_uploud

This is an example to find rte vulnerables.

2: inurl:

The inurl basicly looks for anything after the : in the site urls.

inurl:index.php?id=

3: intext:

you can find literally everything using intext, you could even use the inurl dorks whit this.

intext:”powered by mybb”

 

Using it we could find certain messages in a site. Above message looks for all mybb forums. Which means if I ever find a vulnerability in mybb forum and know how to locate it! then I can find out every mybb forum vulnerability using this dork.

4: define:

Google will define this massage and will look for what had this error for example,

define:”sql syntax error”

5: site:

Obvious, when we will use it, google will looks for a site .

site:cocacola

Google will look for any site related with cocacola.

6: phonebook:

It will look for the phone number related to it given name.

phonebook:wildhacker

7: maps:

Google will look on google maps for your search.

8: book:

Google has an online library store. If you want to find interesting books use this dork.

book:java language

This will look for any book gogole hase indexed whith java language in it.

9: froogle:

Used for froogle search instead of google.

10: info:

google looks for anything you inputted but only information about string which you have puted next to info: .

info:firefox

Above dork will show you alot off things about firefox like what is firefox etc.

11: movie:

You can find information about movies on google using this dork.

movie:watch hackers2 online

12: weather:

You can find information about weather on google using this dork.

weather: 21/12/2011 london

13: related:

This will look for anything related to what you have entered next to related: .

related:egg

Google responds whith sites about chickons laying eggs.

14: link:

This one will works better instead of only looking in search url, it will also look in the site for urls that possibly are vulnerable.

link:index.php?id=

This is verry usefull I would say even more then inurl.

Vulnerability Approach :

Once you search website using above dorks, now its time to check whether the website is vulnerable to SQL injection or not, we simply put in a quote “ ” at the end of the url address.

So our site will look like this,

http://www.site.com/index.php?id=123′

If the site is vulnerable, you will see the following error or something similar somewhere on the page.

” Error executing query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\\\’ ORDER BY date_added DESC’ at line 1 “

If you get this, the site should be vulnerable. So far so good!

Now you can use either Havij SQL Injection Software to hack website or Manual website hacking technique.

Thats it…

So friends, I hope you will like this
Creating Your Own Google Dorks And Find Vulnerability In Website Tutorial.
I have personally tested this method and found all are working. If you have any problem in above article, please mention it in comments section.

Enjoy Website Hacking ……..

Advertisements

2 thoughts on “Website Hacking : Creating Your Own Google Dorks And Find Vulnerability In Website”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s