Today, In this post I am going to write about how we can find vulnerable SQL injection sites with the help of Google Search Engine.
SQL injection is a database related vulnerability which can help an attacker to gain all database information through URLs strings. Basically, SQL injection is one type of database vulnerability in web server. In Which, Attacker Can Insert different type of SQL statements, syntax and commands (also commonly refers to as a malicious payload.) and can also execute that statements on the server.
With This Attack, An Attacker can control a web application's database server or you can say Relational Database Management System. That's why, this is a very dangerous vulnerability, One Of The Oldest, And Easy To Exploit Vulnerability (Because Many Types Of Injections Frameworks and scripts are already developed by many hackers and also available on the internet, free- of - cost).
By Using This Vulnerability, Any Attacker Can Do Many Things But Some Of Them Given Below,
- Bypass Login Authentication Mechanism,
- Retrieve Sensitive Data From Database,
- Adding, Modifying and Deleting Contents in database,
How to find Vulnerable SQL injection Site
In Order To Find Vulnerable Sql Injection Sites, First You need to Open Google Search Engine Page In Your Browser And Then, Use Any Single Google Dorks For Finding SQL injection Vulnerable Sites Url. Now, You are wondering what is Google Dork?
What is Google Dorks?
Ans. Google Dorks are the special string that can filter google results in a specific way. In Simple Way, With the help of google dorks, any one can search anything over the Internet with accurate targeted search and get their accurate results.Get Big List Of Google Dorks For Finding SQLi Vulnerable Sites.
After Entering Google Dork String In Search Engine You Will Get Possibliy Vulnerable Sites list as result.
To Verify Site Vulnerability Put " ' " Single Comma at the end and then, check if web pages are displaying any types of database syntax error. its mean site is vulnerable for SQL Injection Attack.
Open Url In Separate Tab and Then add comma at the end Like This
If You got any types of database syntax error it means the site is vulnerable.Note: Google Dorks are illegal to Use. Use On Your Own Risk