Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Google DORK to find vulnerability in SQL INJECTION

11,135 views
Skip to first unread message

hackfreak

unread,
May 12, 2011, 7:42:21 AM5/12/11
to
Originally Posted IN ma blog

http://defendhackers.blogspot.com/2011/05/google-dorks-to-find-targets-for-sql.html

Following are Google Dork queries that can help you find sites that
might be vulnerable for SQL injection attacks. Please note that they
will not find sites that are vulnerable, they’ll just predict sites
that might be vulnerable, and you have to check them for
vulnerability. So here’s your list, [Guys may be u Can Use ACUNETIX Or
WEB Vulnerability Scanner for More Bugs]

allinurl:index.php?id=
allinurl:trainers.php?id=
allinurl:buy.php?category=
allinurl:article.php?ID=
allinurl:play_old.php?id=
allinurl:newsitem.php?num=
allinurl:readnews.php?id=
allinurl:top10.php?cat=
allinurl:historialeer.php?num=
allinurl:reagir.php?num=
allinurl:Stray-Questions-View.php?num=
allinurl:forum_bds.php?num=
allinurl:game.php?id=
allinurl:view_product.php?id=
allinurl:newsone.php?id=
allinurl:sw_comment.php?id=
allinurl:news.php?id=
allinurl:avd_start.php?avd=
allinurl:event.php?id=
allinurl:product-item.php?id=
allinurl:sql.php?id=
allinurl:news_view.php?id=
allinurl:select_biblio.php?id=
allinurl:humor.php?id=
allinurl:aboutbook.php?id=
allinurl:ogl_inet.php?ogl_id=
allinurl:fiche_spectacle.php?id=
allinurl:communique_detail.php?id=
allinurl:sem.php3?id=
allinurl:kategorie.php4?id=
allinurl:news.php?id=
allinurl:index.php?id=
allinurl:faq2.php?id=
allinurl:show_an.php?id=
allinurl:preview.php?id=
allinurl:loadpsb.php?id=
allinurl:opinions.php?id=
allinurl:spr.php?id=
allinurl:pages.php?id=
allinurl:announce.php?id=
allinurl:clanek.php4?id=
allinurl:participant.php?id=
allinurl:download.php?id=
allinurl:main.php?id=
allinurl:review.php?id=
allinurl:chappies.php?id=
allinurl:read.php?id=
allinurl:prod_detail.php?id=
allinurl:viewphoto.php?id=
allinurl:article.php?id=
allinurl:person.php?id=
allinurl:productinfo.php?id=
allinurl:showimg.php?id=
allinurl:view.php?id=
allinurl:website.php?id=
allinurl:hosting_info.php?id=
allinurl:gallery.php?id=
allinurl:rub.php?idr=
allinurl:view_faq.php?id=
allinurl:artikelinfo.php?id=
allinurl:detail.php?ID=
allinurl:index.php?=
allinurl:profile_view.php?id=
allinurl:category.php?id=
allinurl:publications.php?id=
allinurl:fellows.php?id=
allinurl:downloads_info.php?id=
allinurl:prod_info.php?id=
allinurl:shop.php?do=part&id=
allinurl:productinfo.php?id=
allinurl:collectionitem.php?id=
allinurl:band_info.php?id=
allinurl:product.php?id=
allinurl:releases.php?id=
allinurl:ray.php?id=
allinurl:produit.php?id=
allinurl:pop.php?id=
allinurl:shopping.php?id=
allinurl:productdetail.php?id=
allinurl:post.php?id=
allinurl:viewshowdetail.php?id=
allinurl:clubpage.php?id=
allinurl:memberInfo.php?id=
allinurl:section.php?id=
allinurl:theme.php?id=
allinurl:page.php?id=
allinurl:shredder-categories.php?id=
allinurl:tradeCategory.php?id=
allinurl:product_ranges_view.php?ID=
allinurl:shop_category.php?id=
allinurl:transcript.php?id=
allinurl:channel_id=
allinurl:item_id=
allinurl:newsid=
allinurl:trainers.php?id=
allinurl:news-full.php?id=
allinurl:news_display.php?getid=
allinurl:index2.php?option=
allinurl:readnews.php?id=
allinurl:top10.php?cat=
allinurl:newsone.php?id=
allinurl:event.php?id=
allinurl:product-item.php?id=
allinurl:sql.php?id=
allinurl:aboutbook.php?id=
allinurl:preview.php?id=
allinurl:loadpsb.php?id=
allinurl:pages.php?id=
allinurl:clanek.php4?id=
allinurl:announce.php?id=
allinurl:chappies.php?id=
allinurl:read.php?id=
allinurl:viewapp.php?id=
allinurl:viewphoto.php?id=
allinurl:rub.php?idr=
allinurl:galeri_info.php?l=
allinurl:review.php?id=
allinurl:iniziativa.php?in=
allinurl:curriculum.php?id=
allinurl:labels.php?id=
allinurl:story.php?id=
allinurl:look.php?ID=
allinurl:newsone.php?id=
allinurl:aboutbook.php?id=

Big Steel

unread,
May 12, 2011, 9:37:04 AM5/12/11
to
On 5/12/2011 7:42 AM, hackfreak wrote:
> Originally Posted IN ma blog
>
> http://defendhackers.blogspot.com/2011/05/google-dorks-to-find-targets-for-sql.html
>
>
>
> Following are Google Dork queries that can help you find sites that
> might be vulnerable for SQL injection attacks. Please note that they
> will not find sites that are vulnerable, they’ll just predict sites
> that might be vulnerable, and you have to check them for
> vulnerability. So here’s your list, [Guys may be u Can Use ACUNETIX Or
> WEB Vulnerability Scanner for More Bugs]
>
>

Do you know what a T-SQL Injection attack is? I as a client of a Web
site that is vulnerable to a T-SQL injection attack to a database on the
back-end of an application running on the Web site infrastructure is of
little or no concern to me as a user. It's up to the Web site to protect
the integrity of their data in a database.

http://en.wikipedia.org/wiki/SQL_injection

Mersad

unread,
Apr 22, 2023, 9:36:21 AM4/22/23
to
I think for now its really become a piece of shit method to finding SQLi! :) Since websites has been updated and the Databases including MySql become in new version and the updates about security measure is fully changed! So before do this techniques keep it mind the methodology for finding SQLi isn't possible anymore..

MASSAB IMRAN

unread,
Jul 15, 2023, 5:00:01 PM7/15/23
to
0 new messages