Seo Master present to you:
How to find vulnerable website for XSS | SQLI | LFI | RFI
Most of the people search in Google or other search engine to check the vulnerable website and in the end some are successful and some are not. This is also problem for newbie who don’t know how to check the vulnerable website.in starting When I was also found vulnerable website. so its very difficult for me and then later on I have researched on it and Now i make some Google Dorks for check vulnerable website for you.
So in my previous article I have explained that the top vulnerabilities and also tutorials on Cross site scripting. So it’s very easy to find vulnerable website with the help of search engine.
There are lot of dorks to check the website is it vulnerable or not. So you think that the lot of people use these Google dorks already. So you have to use your mind and check some another technique also. When you search in Google you have to check below of search bar some tools. so use these tools also like I give you one example the website update in 24 hours before . I have also search like below
inurl:".php?search="
inurl:".php?searchstring="
inurl:search.php?q=
inurl:com_feedpostold/feedpost.php?url=
inurl:/poll/default.asp?catid=
inurl:/search_results.php?search=
inurl:scrapbook.php?id=
inurl:headersearch.php?sid=
Check website for SQL injection SQLI:
inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: require()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: pg_exec()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: mysql_query()
inurl:"id=" & intext:"Warning: array_merge()
inurl:"id=" & intext:"Warning: preg_match()
How to check Sub domain :
If you want to find vulnerabilities of website . so you should go for sub domain. The best dork for searching subdomain is below
Site: URL –inurl:www
Like if I want to find the subdomain of Google . so it’s like below and don’t add Http and www with the domain
Site: google.com –inurl:www
Hope you like my tutorials. If you want to ask any question you can ask me thanks
2013, By: Seo Master