As you guys can see my last post of this blog to introduce myself . Now I am going to show you how to find SQL vulnerability in PHP websites .
Here we start
1. Go to Google.com
2. Type "inurl:news.php?id=" (without quotes)
3. You will find a number of websites listed up there , we will select a website which contain ?id= like URL .
4.I will take http://calidus.ro/en/news.php?id=1 .
5.At the end add %27 . 6.You will get a syntax error with text of " You have a SQL syntax error on line %" (% refers a random number) We finish . The website is vulnerable .
That site can be injected easily . I will be releasing dorks soon !
1. Go to Google.com
2. Type "inurl:news.php?id=" (without quotes)
3. You will find a number of websites listed up there , we will select a website which contain ?id= like URL .
4.I will take http://calidus.ro/en/news.php?id=1 .
5.At the end add %27 . 6.You will get a syntax error with text of " You have a SQL syntax error on line %" (% refers a random number) We finish . The website is vulnerable .
That site can be injected easily . I will be releasing dorks soon !
No comments:
Post a Comment