All great things are simple, and many can be expressed in single words: freedom, justice, honor, duty, mercy, hope

Thursday, October 18, 2012

How to Find Vulnerable website?


first of all this is for newbie who have problems finding vulnerable websites.


- The important thing is : To Be Creative !


Why you need to be creative??


Well if we take an example of this dork "inurl:members.php?id=" a lot of people are using it so probly if you use it you'll just find your self trying to hack a website that is already hacked or the database its fucked even if you think about skiping to the page rank 100+ well you're not the only one who thought about this idea, anyway the meaning of Be creative is to add some keywords to your dorks for example "inurl:members.php?id= shop" this dork can be useful if you're trying to get some credit card numbers.

********************************************


The second thing is when you google one of your dorks try to change the results date, area etc when you type search see at the left of the page you'll find some options like tools then its easy to understand this is for finding websites never been hacked.
There is a lot of methods to get your skills better all what you need is reading tutorials, and others opinions and the key of success is to be patient.

************************************************** *

Now the methode to get 90% vulnerable websites is to use these dorks <=
I am sure some of you already know this like I am sure there's some who don't know about it so as i said its for newbie.

Take one of the following dorks and google it then go to page rank 10 or +
and choose a website these dorks will show you the error which means that the website is vulnerable =>

Code:

inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
inurl:"id=" & intext:"Warning: ilesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: filesize()
inurl:"id=" & intext:"Warning: require()

3 comments:

Edyculay said...

great, but how to target high page rank sites ?

Faizan Mehmood said...

Great Man.... Thums-up (Y)

K Navatha said...

Good article with excellent idea! I appreciate your post.Regards Sarkari Result

Post a Comment

UA-35960349-1