How To Find Vulnerable Websites | TUT |

First off you need to download the actual tool itself (No this is not my own tool)
Download ; virus scan is at the bottom.

Once you’ve downloaded the file above you need to extract it to a place you will know where to find it. A picture of the programme itself is below.

[Image: dnjFaQ.png]

NOTE- Make sure you don’t extract the tool away from the folder because that’s where the dorks are.

Ok so now for the tutorial, this is a little long but who ever said hacking was easy?, just simply follow these steps bellow and then you will be successful in “hacking” your opponent.

Step 1 -First you will need to click the “Scanner” tab and then the little “+” icon on the “All dorks”. Once done you will see a list like this ;
[Image: Qwsb0M.png]
this is called a “dork” you can pick anyone you want by clicking the little “+” icon again.

Step 2 – Next you will need to pick a specific “dork” i’m going to be using ASP with dork ; “.asp?bookID=” you can use any….it really doesn’t matter. So now our stage process should be as shown below.
[Image: hkZGIS.png]

Step 3 – Now you will need to press the scan button, I can’t really explain this part so I got a picture for you, make sure to press “Remove duplicates”.
[Image: RQBeM5.png]

Step 4 – Once completed “Step 3” the next thing you will need to do is right click your list (the white part) and press “Send to SQLI Crawler” as so.
[Image: aYNRVU.png]

Step 5 – Once in the SQLI Crawler you will need to press “Crawl” this will find you the vulnerable links from the ones you just just imported, this didn’t work for me as good as I was hoping because I used a dork basically that doesn’t find many vulnerable sites, this tutorial is just an example of what it’l be like. [Image: CvFT8o.png]

Step 6) Following on from “Step 5” the list takes a while because the tool itself is finding if its vulnerable or not. It should look a little like this [Image: JJIF4i.png]

Step 7 – Once your list is populated you have now got yourself some vulnerable sites to SQL inject/upload shell.

I would of continued the tutorial into more depth of executing SQL injection with this tool but there’s already tutorials around that you can use. If you need any help with SQL injecting/uploading a shell just PM me, I’ll be more than happy to help. I know you might think this tutorial is well pointless but it’s a simple way of finding vulnerable websites whilst using some of the best dorks. Oh and before you guys say isn’t it better just using “Google” well in my opinion no, this method tells you if its vulnerable and gives you over +50 sites at a time which will keep you busy.

I hope you liked this tutorial and remember whenever hacking/exploiting sites always use a proxy, here’s a few proxy’s that I use. (best in my opinion)[/COLOR]



PHP Code:
Antivirus    Version    Last update    Result
-V3    2011.04.12.01    2011.04.12    -AntiVir    2011.04.12    -Antiy-AVL    2011.04.12    -Avast    4.8.1351.0    2011.04.12    -Avast5    5.0.677.0    2011.04.12    -AVG    2011.04.12    -BitDefender    7.2    2011.04.12    -CAT-QuickHeal    11.00    2011.04.12    -ClamAV    2011.04.12    -Commtouch    2011.04.06    -Comodo    8317    2011.04.12    -DrWeb    2011.04.12    -Emsisoft    2011.04.12    -eSafe    2011.04.12    -eTrust-Vet    36.1.8268    2011.04.12    -F-Prot    2011.04.12    -F-Secure    9.0.16440.0    2011.04.12    -Fortinet    2011.04.12    -GData    22    2011.04.12    -Ikarus    T3.    2011.04.12    -Jiangmin    13.0.900    2011.04.12    -K7AntiVirus    9.96.4360    2011.04.11    -Kaspersky    2011.04.12    -McAfee    5.400.0.1158    2011.04.12    -McAfee-GW-Edition    2010.1C    2011.04.12    -Microsoft    1.6702    2011.04.11    -NOD32    6037    2011.04.12    -Norman    6.07.07    2011.04.12    -Panda    2011.04.12    -PCTools    2011.04.12    -Prevx    3.0    2011.04.12    -Rising    2011.04.12    -Sophos    4.64.0    2011.04.12    -SUPERAntiSpyware    2011.04.12    -Symantec    20101.3.2.89    2011.04.12    WS.Reputation.1
TheHacker    2011.04.12    
-TrendMicro    2011.04.12    -TrendMicro-HouseCall    2011.04.12    -VBA32    2011.04.12    -VIPRE    8999    2011.04.12    -ViRobot    2011.4.12.4406    2011.04.12    -VirusBuster    13.6.301.0    2011.04.12    -MD5bfcb8c5408fe750e431f2e843b8b85b8
File size
5599232 bytes
Scan date
2011-04-12 20:05:29 (UTC)

We will be happy to hear your thoughts

Leave a reply