How to find vulnerable website for XSS | SQLI | LFI | RFI
Most of the people search in Google or other search engine to check the vulnerable
website and in the end some are successful and some are not. This is also
problem for newbie who don’t know how to check the vulnerable website.in starting When I was also
found vulnerable website. so its very difficult for me and then
later on I have researched on it and Now i make some Google Dorks for check
vulnerable website for you.
So in my previous
article I have explained that the top vulnerabilities and also tutorials on
Cross site scripting. So it’s very easy to find vulnerable website with the
help of search engine.
There are lot of dorks to check the website is it vulnerable or not. So you think that the lot of people use these Google dorks already. So you have to use your mind and check some another technique also. When you search in Google you have to check below of search bar some tools. so use these tools also like I give you one example the website update in 24 hours before . I have also search like below
There are lot of dorks to check the website is it vulnerable or not. So you think that the lot of people use these Google dorks already. So you have to use your mind and check some another technique also. When you search in Google you have to check below of search bar some tools. so use these tools also like I give you one example the website update in 24 hours before . I have also search like below
Check website for Cross site scripting XSS:
inurl:".php?search="
inurl:".php?searchstring="
inurl:search.php?q=
inurl:com_feedpostold/feedpost.php?url=
inurl:/poll/default.asp?catid=
inurl:/search_results.php?search=
inurl:scrapbook.php?id=
inurl:headersearch.php?sid=
Check website for SQL injection SQLI:
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: require()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
How to check Sub domain :
If you want to find vulnerabilities of website . so you
should go for sub domain. The best dork for searching subdomain is below
Site: URL –inurl:www
Like if I want to find the subdomain of Google . so it’s
like below and don’t add Http and www with the domain
Site: google.com –inurl:www
Hope you like my tutorials. If you want to ask any question
you can ask me thanks
3 comments:
Right here is the right website for everyone who wishes to find out about this topic.
You understand so much its almost hard to argue with you (not that I actually will need to…HaHa).
You certainly put a fresh spin on a topic that has
been written about for decades. Wonderful stuff, just great!
my web site ... fast ways to make money online
Electrocopia.com is a electronic online web store, which sells the cheapest electronics products to all customer on the internet.
camera,
digital camera,
samsung electronics,
camcorder,
online electronics,
apple iphone 5,
electronics store,
online electronics store,
sony electronics,
electronics store online
cameras,
I do accept as true with all of the concepts you have
introduced for your post. They're very convincing and can definitely work. Nonetheless, the posts are too short for beginners. Could you please prolong them a bit from subsequent time? Thank you for the post.
Check out my web-site - todotaiwanes
Post a Comment