SQL injection Dorks with examples
Step 1:
Open your preferred web browser (I’m using Firefox).
Navigate to www.google.com.
Copy and paste the following dork into the search
bar: details.php?id=.
The search results will display websites with details.php?id= in
their url.
Open each site individually and verify that the dork is present
in their URLs.
Step 2:
Now that we have identified potentially vulnerable sites using
Google dorks, we can proceed to test them for SQL injection
using a tool called sqlmap.
sqlmap comes preinstalled on Kali Linux; if you don’t have it,
you can install it by running the following command:
sudo apt install sqlmap
Once the installation is complete, run the following command
to find SQL injection vulnerabilities using sqlmap:
sqlmap -u "put_the_URL_of_the_site+here" --dbs
sqlmap will test each parameter in the URL for SQL injection
and report the database type along with a list of databases.
Step 3:
Once the SQL injection vulnerability has been successfully
identified and exploited, you can pass additional flags to
sqlmap to learn more about the underlying database, e.g. which
databases are present and how many tables they have.
For example:
To list the tables in a specific database, use the
command:
sqlmap -u "<URL of the site>" -D <database name> --tables
To determine the names of the columns in a particular table,
use:
sqlmap -u "put_the_URL_of_the_site+here" -D <database name> -T <table name> --columns
To retrieve the data from a specific column, use:
sqlmap -u "put_the_URL_of_the_site+here" -D <database name> -T
<table name> -C <c
By following these steps, you will be able to leverage Google
dorks and sqlmap to identify and exploit SQL injection
vulnerabilities, gaining access to the underlying databases and
extracting valuable information. However, it’s crucial to note
that performing these actions on websites without permission
is illegal and unethical. This blog post aims to provide
knowledge and raise awareness about SQL injection
vulnerabilities for educational purposes only.
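
From the defending side, the testing in Steps 2 and 3 shows up in the web server's access log. The Python example below is added here and is not part of the original post: it flags requests that carry sqlmap's default User-Agent and requests to details.php whose id value is not a plain integer. The Combined Log Format, the sample log lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format (assumed):
# ip - - [time] "METHOD target HTTP/x" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /details.php?id=42 HTTP/1.1" '
    '200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0"',
    '198.51.100.23 - - [12/Mar/2024:10:01:09 +0000] "GET /details.php?id=42%27 HTTP/1.1" '
    '200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/123.0"',
    '198.51.100.23 - - [12/Mar/2024:10:01:10 +0000] "GET /details.php?id=42 HTTP/1.1" '
    '200 5120 "-" "sqlmap/1.8#stable (https://sqlmap.org)"',
]

def classify(line):
    """Return the reasons one log line looks like SQL injection probing."""
    m = LOG_RE.match(line)
    if not m:
        return []
    reasons = []
    # sqlmap names itself in the User-Agent by default.
    if m["ua"].lower().startswith("sqlmap/"):
        reasons.append("sqlmap-user-agent")
    url = urlsplit(m["target"])
    if url.path.endswith("/details.php"):
        # parse_qs percent-decodes values; a legitimate id is a plain integer.
        for value in parse_qs(url.query, keep_blank_values=True).get("id", []):
            if not re.fullmatch(r"[0-9]+", value):
                reasons.append("non-numeric-id")
                break
    return reasons

def scan(lines):
    """Group the reasons by client IP so one noisy source stands out."""
    hits = {}
    for line in lines:
        m = LOG_RE.match(line)
        for reason in classify(line):
            hits.setdefault(m["ip"], set()).add(reason)
    return hits

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG).items():
        print(ip, sorted(reasons))
```

The User-Agent header is client-controlled, so treat that match as a convenience and rely on the parameter check as the main signal.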