As we discussed earlier, SQL Injection is a code injection technique that exploits a security vulnerability in the database layer of an application. There we covered bypassing the login screen, which might have been useful to the so-called script kiddies, who approach hacking only through scripts and code available on the web, without particular interest in the field. Anyway, now you know who exactly the script kiddies are.
We learnt the basics of what SQL Injection is, but how can you find out whether a website you are testing is vulnerable to SQL injection? Some of you might know already, but for those who don't, I am going to walk through the whole process.
1. Use Google dorks to find vulnerable sites by entering the following queries into the Google search engine:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
You now get a list of sites on the results page. Go through them one by one. Suppose we select the first result. Click on it.
2. Put a ' (single quote) at the very end of the link displayed in the address bar and press Enter.
3. Now if a page opens up saying there is an SQL Error, that means the website is 110% vulnerable to SQL Injection.
Since we don't want to rack our brains, we let the Havij tool do the work for us. To download it, click here.
4. Remove the ‘ (single quote) we added at the end of the web link, copy it and paste it to Havij as shown:
5. When you click on the analyse button, the scanning begins, and you get to see a lot more database retrieval options, as shown below. An attacker can even play with the database tables, dumping them at their wish.
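Why the single quote in steps 2 and 3 produces an SQL error, and how a bound parameter prevents it, shown as an added example that is not part of the original post. The table, sample rows and function names are constructed for illustration, and SQLite stands in for the site's database.

```python
import sqlite3


def make_db():
    # Constructed sample data: an in-memory table standing in for the site's articles.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO articles VALUES (?, ?)",
                   [(1, "Welcome"), (2, "Contact")])
    return db


def lookup_concatenated(db, raw_id):
    # Weak pattern: the id= request parameter is pasted into the SQL text,
    # so a stray quote changes the syntax of the statement itself.
    sql = "SELECT title FROM articles WHERE id = " + raw_id
    return [row[0] for row in db.execute(sql)]


def lookup_parameterized(db, raw_id):
    # Hardened pattern: the value is bound as data and is never parsed as SQL.
    sql = "SELECT title FROM articles WHERE id = ?"
    return [row[0] for row in db.execute(sql, (raw_id,))]


def probe(lookup, raw_id):
    # Returns ("ok", rows) or ("sql_error", message), i.e. what the page
    # handler would see. A production handler should log the message and
    # show a generic error page instead of echoing it to the visitor.
    db = make_db()
    try:
        return ("ok", lookup(db, raw_id))
    except sqlite3.Error as exc:
        return ("sql_error", str(exc))
    finally:
        db.close()


if __name__ == "__main__":
    for fn in (lookup_concatenated, lookup_parameterized):
        for value in ("1", "1'"):
            print(fn.__name__, repr(value), probe(fn, value))
```

With the concatenated query the trailing quote breaks the statement and the database raises an error; with the bound parameter the same input is just a value that matches no row.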
Note: Live testing is strictly prohibited. This is only for educational purposes, by CYBERSAVIOURS. Keep enjoying!!


How do I hide my IP?
Hi, there are numerous ways to do so! You can find many applications on the web that promise to keep you anonymous! I know of TOR as one of the popular IP hiding apps, as it passes through multiple proxies for every request you make on the web, thus preserving your anonymity to a great extent. There are premium services available too for this! Also, some opt for popular VPN services provided by HideMyAss, Strong VPN, etc. You can find some important points regarding IP hiding and VPN at http://thecybersaviours.com/virtual-private-networks
Thanks and keep reading!
How can I increase my LAN speed when so many users are there?
Nice [ TUT ], thanks
Very informative tutorial. It was very helpful. Can one find out if a particular website is prone to SQLi rather than targeting random sites using Google dorks?
Thanks in advance
Thanks Varun! Google dorks are the quicker alternative to target only those websites that we know are vulnerable to SQLi. In pentesting, when we need to check a website for SQLi, Google dorks are of no use. As in this article, skip the first step and proceed with the subsequent points. I will try focussing more on SQLi in my upcoming posts if I can make it more understandable to my readers. Thanks for visiting!
Hi… very nice article.
I was trying to hack this site,
http://www.tafssp.com, but am unable to find the vulnerability.
Please help