[TUT]Finding SQLi Vulnerable Websites: A guide for beginners

As we all know Sql injection is that vulnerability which is mostly can be found in any server. Weather high profile sites or low profile sites all are found to br vulnerable to SQL injection.
But the problem comes when we unable to find vulnerable sites. So today i am gonna show you how to find these sites vulnerable to SQL injection.

So let get started--->

Method 1(finding sql vulnerable sites on a server)

As we all know on a server huge amount of sites are hosted. So using server for finding vulnerable sites is a good option..
Now lets try our first method......

1. First select any random site like is selected www.artcarworld.org

2. Now you to do a process called Reverse IP Lookup to this site so as to find site hosted on server where our selected site is hosted. To do Reverae IP Lookup you have to go to this site http://www.yougetsignal.com/tools/web-sites-on-web-server/  and the selected site in the Remote address field and click on Check like in image given below.
 Now in image you can see the about 581 sites are hosted on same server where our selected site is hosted.

4. Now in image ip address of the server is given in top right corner, so copy.

5. Now open www.bing.com
6. In Search box type ip:98.129.229.170 php?id= and click on search icon.
Must replace 98.129.229.170 with your selected server ip.

7. After that bing will search the sites which have extension php?id= like this www.site.com/index.php?id= and it will give u a list of sites which ends with this extension php?id= like in image given below.

8. Now select any of one site and add ' after the url to check wheather site is vulnerable to SQL injection or not. If site is vunerable then its good if not then check other site from search result.

9. If found any site vulnerable to sql then Hack it using SQL Exploiter tools.

Method Second will be explained in next post.

Just comment if any problem and share my post.
[TUT]Finding SQLi Vulnerable Websites: A guide for beginners Reviewed by Aditya Joshi on 21:45:00 Rating: 5

15 comments:

  1. I want to ask one thing, Why I should know the website IP address? What's the point?

    ReplyDelete
    Replies
    1. bro there is no need to knw the ip of site

      Delete
  2. If You Want The IP You Can Get It With Dos .. Just Type Ping www.????.com

    ReplyDelete
    Replies
    1. excuse me please how do i know the site is vulnerable if i add '

      Delete
  3. if we add ' how do we know its vulnerable?? u should have shown example

    ReplyDelete
    Replies
    1. if you get an error message after adding ' then site is vunerable ...

      Delete
  4. needed help!!!
    a website gives me error like this " Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/****/public_html/news_desc.php on line 9 "

    so is it valnurable or not????

    ReplyDelete
  5. Saker_khan

    Hashkiller.co.uk or Havij

    ReplyDelete
  6. hello pls, how do i know whether the site is vunerabilty site

    ReplyDelete
  7. when u get the error mentioned as above ...the site is vulnerable
    mentioned by ANONYMOUS above

    ReplyDelete
  8. I Basically think we all don't have to face all these deceit and lies from our spouse...in a case of mine wen i got sick and tired of all the lies and deceit i had to contact a friend of mine to get me the contact of one of the best hackers in the states ..then i met cyberhacksolutions@gmail.com..He saved me from the lies of my cheating husband by hacking his phone..Incase you need help with hacking any phone or account or other jobs contact him via email/phone (CYBERHACKSOLUTIONS@GMAIL.COM) or +1 916 378 4978 Tell him i reffered you.He will help you

    ReplyDelete
  9. I Basically think we all don't have to face all these deceit and lies from our spouse...in a case of mine wen i got sick and tired of all the lies and deceit i had to contact a friend of mine to get me the contact of one of the best hackers in the states ..then i met cyberhacksolutions@gmail.com..He saved me from the lies of my cheating husband by hacking his phone..Incase you need help with hacking any phone or account or other jobs contact him via email/phone (CYBERHACKSOLUTIONS@GMAIL.COM) or +1 916 378 4978 Tell him i reffered you.He will help you

    ReplyDelete

Share your problems but don't spam here

All Rights Reserved by Cyber Sucks © 2015 - 2016

Contact Form

Name

Email *

Message *

Powered by Blogger.