[TUT]Finding SQLi Vulnerable Websites: A guide for beginners

As we all know Sql injection is that vulnerability which is mostly can be found in any server. Weather high profile sites or low profile sites all are found to br vulnerable to SQL injection.
But the problem comes when we unable to find vulnerable sites. So today i am gonna show you how to find these sites vulnerable to SQL injection.

So let get started--->

Method 1(finding sql vulnerable sites on a server)

As we all know on a server huge amount of sites are hosted. So using server for finding vulnerable sites is a good option..
Now lets try our first method......

1. First select any random site like is selected www.artcarworld.org
2. Now you to do a process called Reverse IP Lookup to this site so as to find site hosted on server where our selected site is hosted. To do Reverae IP Lookup you have to go to this site http://www.yougetsignal.com/tools/web-sites-on-web-server/  and the selected site in the Remote address field and click on Check like in image given below.
 Now in image you can see the about 581 sites are hosted on same server where our selected site is hosted.

4. Now in image ip address of the server is given in top right corner, so copy.

5. Now open www.bing.com
6. In Search box type ip: php?id= and click on search icon.
Must replace with your selected server ip.

7. After that bing will search the sites which have extension php?id= like this www.site.com/index.php?id= and it will give u a list of sites which ends with this extension php?id= like in image given below.

8. Now select any of one site and add ' after the url to check wheather site is vulnerable to SQL injection or not. If site is vunerable then its good if not then check other site from search result.
9. If found any site vulnerable to sql then Hack it using SQL Exploiter tools.

Method Second will be explained in next post.

Just comment if any problem and share my post.

Post a Comment