One method of finding websites vulnerable to SQL injection is to use what we call "dorks".
Dorks: They are search criteria for which a search engine returns results related to your dork. The process can be a little time-consuming, but the outcome is worth it once you learn how to use dorks.
Basic formula of a dork:
So you would normally understand it like this:
"inurl" = input URL
"domain" = your desired domain ex. .gov
"dorks" = your dork of your choice
Do you really think inurl: is the only Google dork that you can use? Wrong, there are many you can use!
You can use the following words instead of inurl:
All of these also help you find things other than vulnerable sites.
Anyway, now I am going to explain how to use some of them for finding vulnerabilities in websites.
You can use intitle to find anything in the title of a website, which can also be useful for finding downloads or anything else.
This is an example for finding RTE-vulnerable sites.
inurl basically looks for anything after the : in site URLs.
You can find literally everything using intext; you could even use the inurl dorks with this.
intext:"powered by mybb"
Using it, we can find certain messages in a site. The dork above looks for all MyBB forums, which means that if I ever find a vulnerability in MyBB and know how to locate it, I can find every MyBB forum with that vulnerability using this dork.
Google will define this message and look for pages that had this error, for example:
define:"sql syntax error"
Obviously, when we use it, Google will look for a site.
Google will look for any site related to cocacola.
It will look for the phone number related to the given name.
Google will look on google maps for your search.
Google has an online library store. If you want to find interesting books use this dork.
This will look for any book Google has indexed with the Java language in it.
Used for a Froogle search instead of Google.
Google looks for what you entered, but returns only information about the string you put next to info:.
The dork above will show you a lot of things about Firefox, such as what Firefox is.
You can find information about movies on google using this dork.
movie:watch hackers2 online
You can find information about weather on google using this dork.
weather: 21/12/2011 london
This will look for anything related to what you have entered next to related: .
Google responds with sites about chickens laying eggs.
This one works better: instead of only looking in the search URL, it also looks in the site for URLs that are possibly vulnerable.
This is very useful, I would say even more than inurl.
Vulnerability Approach:
Once you have found websites using the above dorks, it's time to check whether a website is vulnerable to SQL injection or not: we simply put a quote ( ' ) at the end of the URL.
So our site will look like this:
If the site is vulnerable, you will see the following error or something similar somewhere on the page.
" Error executing query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\\\' ORDER BY date_added DESC' at line 1 "
If you get this, the site should be vulnerable. So far so good!
Now you can use either the Havij SQL injection software or a manual technique to hack the website.
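Why the appended quote produces the error shown above, and the server-side fix, as an added example that is not part of the original page: the request value is concatenated into the SQL text, so the quote unbalances the string in front of ORDER BY date_added DESC. The sketch uses Python's sqlite3 in place of MySQL; the table, column and function names are assumptions and the rows are constructed.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (id INTEGER, category TEXT, date_added TEXT)")
    db.executemany(
        "INSERT INTO items VALUES (?, ?, ?)",
        [(1, "news", "2011-12-01"), (2, "news", "2011-12-21"), (3, "blog", "2011-12-05")],
    )
    return db


def list_items_concat(db, category):
    """Before: the request value is pasted into the SQL text itself."""
    sql = ("SELECT id FROM items WHERE category = '" + category
           + "' ORDER BY date_added DESC")
    return [row[0] for row in db.execute(sql)]


def list_items_bound(db, category):
    """After: the value is bound as a parameter and never parsed as SQL."""
    sql = "SELECT id FROM items WHERE category = ? ORDER BY date_added DESC"
    return [row[0] for row in db.execute(sql, (category,))]


def handle(db, query_fn, category):
    """Return (status, body) without echoing database errors to the client."""
    try:
        return 200, query_fn(db, category)
    except sqlite3.Error:
        # Details belong in the server log; the client gets a generic message,
        # so the page no longer reveals the query text as the error above does.
        return 500, "Internal error"


if __name__ == "__main__":
    db = make_db()
    for fn in (list_items_concat, list_items_bound):
        for value in ("news", "news'"):
            print(fn.__name__, repr(value), handle(db, fn, value))
```

With the bound parameter, the value ending in a quote is just a category name that matches no rows, so the request succeeds with an empty result instead of a syntax error.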