[TUT]Finding SQLi Vulnerable Websites: A guide for beginners

As we all know Sql injection is that vulnerability which is mostly can be found in any server. Weather high profile sites or low profile sites all are found to br vulnerable to SQL injection.
But the problem comes when we unable to find vulnerable sites. So today i am gonna show you how to find these sites vulnerable to SQL injection.

So let get started--->

Method 1(finding sql vulnerable sites on a server)

As we all know on a server huge amount of sites are hosted. So using server for finding vulnerable sites is a good option..
Now lets try our first method......

1. First select any random site like is selected www.artcarworld.org

2. Now you to do a process called Reverse IP Lookup to this site so as to find site hosted on server where our selected site is hosted. To do Reverae IP Lookup you have to go to this site http://www.yougetsignal.com/tools/web-sites-on-web-server/  and the selected site in the Remote address field and click on Check like in image given below.
 Now in image you can see the about 581 sites are hosted on same server where our selected site is hosted.

4. Now in image ip address of the server is given in top right corner, so copy.

5. Now open www.bing.com
6. In Search box type ip:98.129.229.170 php?id= and click on search icon.
Must replace 98.129.229.170 with your selected server ip.

7. After that bing will search the sites which have extension php?id= like this www.site.com/index.php?id= and it will give u a list of sites which ends with this extension php?id= like in image given below.

8. Now select any of one site and add ' after the url to check wheather site is vulnerable to SQL injection or not. If site is vunerable then its good if not then check other site from search result.

9. If found any site vulnerable to sql then Hack it using SQL Exploiter tools.

Method Second will be explained in next post.

Just comment if any problem and share my post.
[TUT]Finding SQLi Vulnerable Websites: A guide for beginners Reviewed by Aditya Joshi on 21:45:00 Rating: 5

17 comments:

  1. I want to ask one thing, Why I should know the website IP address? What's the point?

    ReplyDelete
    Replies
    1. bro there is no need to knw the ip of site

      Delete
  2. If You Want The IP You Can Get It With Dos .. Just Type Ping www.????.com

    ReplyDelete
    Replies
    1. excuse me please how do i know the site is vulnerable if i add '

      Delete
  3. if we add ' how do we know its vulnerable?? u should have shown example

    ReplyDelete
    Replies
    1. if you get an error message after adding ' then site is vunerable ...

      Delete
  4. needed help!!!
    a website gives me error like this " Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/****/public_html/news_desc.php on line 9 "

    so is it valnurable or not????

    ReplyDelete
  5. Saker_khan

    Hashkiller.co.uk or Havij

    ReplyDelete
  6. hello pls, how do i know whether the site is vunerabilty site

    ReplyDelete
  7. when u get the error mentioned as above ...the site is vulnerable
    mentioned by ANONYMOUS above

    ReplyDelete
  8. I Basically think we all don't have to face all these deceit and lies from our spouse...in a case of mine wen i got sick and tired of all the lies and deceit i had to contact a friend of mine to get me the contact of one of the best hackers in the states ..then i met cyberhacksolutions@gmail.com..He saved me from the lies of my cheating husband by hacking his phone..Incase you need help with hacking any phone or account or other jobs contact him via email/phone (CYBERHACKSOLUTIONS@GMAIL.COM) or +1 916 378 4978 Tell him i reffered you.He will help you

    ReplyDelete
  9. I Basically think we all don't have to face all these deceit and lies from our spouse...in a case of mine wen i got sick and tired of all the lies and deceit i had to contact a friend of mine to get me the contact of one of the best hackers in the states ..then i met cyberhacksolutions@gmail.com..He saved me from the lies of my cheating husband by hacking his phone..Incase you need help with hacking any phone or account or other jobs contact him via email/phone (CYBERHACKSOLUTIONS@GMAIL.COM) or +1 916 378 4978 Tell him i reffered you.He will help you

    ReplyDelete
  10. Excellent and professional investigative services. I hired him (CYBERPHONEHACKER@GMAIL.COM) for a very private and difficult matter of hacking my spouse phone, and he far exceeded my expectations. He helped me get the info(whatsapp, facebook, text messages, call logs etc) I needed faster and cheaper than I had imagined. The first time we spoke, we had a very long phone consultation in which he gave me all my options that he could think of to resolve my case, and he even recommended I try other options before hiring him, which shows that he is honest. I decided to hire him and I am glad I did. He is a fantastic investigator and a great person and
    if you have a dishonest partner don’t hesitate to send him a mail Contact: CYBERPHONEHACKER@GMAIL.COM or +1 916 302 2234

    ReplyDelete
  11. It is not so typical of me to refer professionals online but I feel like I owe a lot to (Mr Anderson) HYPERHACKTIVE1@GMAIL.COM who helped me track my cheating husband when he was having an affair, I got to find out that he has been lying to me for the past 5 months and seeing two other women. I was able to get direct access to his text messages, phone conversations and all social networks
    on his phone: what was most amazing was that his recently deleted messages were retrieved by cyberlaser. If you are getting less than you deserve in your relationship and want to be sure
    Contact : HYPERHACKTIVE1@GMAIL.COM

    ReplyDelete

Share your problems but don't spam here

All Rights Reserved by Cyber Sucks © 2015 - 2016

Contact Form

Name

Email *

Message *

Powered by Blogger.