Sql Injection - Hacking Websites
In this post we will hack a website and obtain its data using SQL injection attack. We will not use any tools. This is one of the few tuts on this blog for which you don't need Kali Linux. You can easily carry it out from Windows machine on any normal browser.Finding A Vulnerable Website
The first step is obviously finding a vulnerable website. There are a
lot of ways to do so. the most common method of searching is by using
dorks.
you can using BinGoo.
Dorks
Dorks are an input query into a search engine (Google) which attempt to
find websites with the given text provided in the dork itself. Basically
it helps you to find websites with a specific code in their url which
you know is a sign of vulnerability.
A more specific definition could be "Advanced Google searches used to
find security loopholes on websites and allow hackers to break in to or
disrupt the site.
exaple:
inurl:"hack.php?id="
HOW TO Testing sites for vulnerabilities
exaple: www.hack.php?id=5 same www.hack.php?id=5'
all you have to do is insert an asterisk ' at the end of the url instead of 5
thats all thanks.