Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do you completely compromise a machine given a text box or badly validated input box? This is a place to talk about code issues (PHP includes, null byte injection, backticks, pipe, etc...) as well as how to properly construct an SQL injection attack. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
finding sql vulnerable
Posted by: kenjii
Date: May 15, 2014 10:58AM

hi all i'am finaly back :P

My question is more about how to find vulnerability website than how to hack it .

For exemple from now i use the dork

Inurl:productdetail.php?id=

for find website vulnerable to sql

and after finish the google list i try :

inurl:productdetail.php?id= intext:lord of ring

for find new website.

My problem is that nom i can write everything i whant in "intext" i still get the same website, not in the same order by all time the same

I try with other dork like :

inurl:index.php?id=

Once the list is down i do like before :

Inurl:index.php?id= intext:star wars

But like for productdetail.php?id= i got similare result just not in the same order ...

As you can see i mostly search for shop that is find more interesting for sql

So is there something i do wrong ? Or maybe there is other way to find websites?

Options: ReplyQuote
Re: finding sql vulnerable
Posted by: tascio
Date: May 25, 2014 06:26PM

try writing a generic word and 1 specific url like this:

sport shopping "index.php?id="

he will search sites with index.php?id= in url that contain sport shopping words in texts site

(obvius, specific text between quotes)

no vuln site founded? u can change for variable for example:

sport shopping "index.php?product_id="

and google will show u others sport shopping sites that contain product_id variable

Options: ReplyQuote
Re: finding sql vulnerable
Posted by: kenjii
Date: May 26, 2014 03:28AM

haaa thank you very much i search for multiple way and haven't found really insteresting thing that can help me as u did again thank you very much

Options: ReplyQuote


Sorry, only registered users may post in this forum.