DEVIL'S BLOG ON SECURITY


A DEVIL'S BLOG ON COMPUTER AND INFORMATION SECURITY, ETHICAL HACKING AND COUNTERMEASURES



Google Dorks To Find Targets For SQL Injection


The following Google dork queries can help you find sites that might be vulnerable to SQL injection attacks. Please note that they will not find sites that are vulnerable; they just predict sites that might be vulnerable, and you have to check them for vulnerability. So here’s your list,

Phishing


DNS Poisoning


SQL Injection Performing Attacks


As of today it is hard to find SQL injection vulnerabilities in web applications, but if you find one, here are some basic methods to exploit it. A SQL injection vulnerability can be exploited using login forms, search boxes, product pages and URLs. Login forms and search boxes can be checked for vulnerability by typing a string of the following pattern,

a ’ = ‘ a ’
c ’ = ‘ b ’

or just

‘ ’ = ‘ ’

Packet Sniffing


Why Applications Are Vulnerable To SQL Injection Attacks


In this post we will discuss why applications are vulnerable to SQL injection. If you don't have previous knowledge of SQL, please have a look at the previous post about SQL injection basics. The reason most web applications are vulnerable to SQL injection is that developers forget to sanitize input and let SQL statements and queries pass to the database directly. The web technologies used for web application development also play an important role in making an application vulnerable. For example, all script-based languages used for creating dynamic content, like ASP, ASP.NET, PHP, JSP, C# and CGI, are vulnerable to SQL injection attacks if input is not handled properly. Honestly speaking, this post will be more understandable to those who have real experience, at least once, of creating web applications using any of the above development tools.

SQL Injection Basics


SQL injection can be termed a code injection attack, since all queries in SQL are nothing but interpreted code. SQL injection is one of the most dangerous web application vulnerabilities, and most attackers consider it the cream part of hacking, since it can allow an attacker to take over a database and take full control of it. With time and tide, web application security has evolved with respect to SQL injection, since it was among the most common attacks used by attackers, so today it's a little hard to find SQL injection vulnerabilities in web applications. But due to its large range of possible attack styles, SQL injection is one of the vastest topics that can be covered in web application security.

Web Application Security


Web Application Hacking Basics - 1
Web Application Hacking Basics - 2

Web Based Attacks:
Cross Site Scripting
Cross Site Scripting The Basics
Performing Reflected XSS Attacks
Performing Stored XSS Attacks
XSS Countermeasures.

Frame Injection Flaws

Session Management Attacks
Session Hacking The Basics
Attacks Against Weak Token Generation 
Attacks Against Mishandling Of Tokens
Session Management Attacks Countermeasures

Cross Site Request Forgery
Cross Site Request Forgery The Basics
Forced Browsing Attack
Hacked Session XSRF Attacks 
XSRF Attacks Countermeasures 

JSON XSRF Attacks
JSON XSRF Attacks The Basics 
JSON XSRF Attacks Finding And Exploiting Vulnerability 
XSRF Countermeasures  

Code And Command Injection:
SQL Injection
SQL Injection Basics
Why Web Applications Are Vulnerable To SQL Injection Attacks
SQL Injection Performing Attacks
SQL Injection Using Havij
Google Dorks To Find Targets For SQL Injection 
SQL Injection Countermeasures 

OS Command Injection
Command Injection Flaws
Command Injection | Finding And Exploiting Flaws
SQL Injection Just A Little Beyond Injection
