MeGodImBest
Boss Fight Pro
LEVEL 2
800 XP
sup , in this guide i'll teach you from 0>Hero data dumping , +some tips
in this part i'll be focusin on SQLi and dorking in general.
NOTE: this guide for sites that u have rights to test their security, i'm/n.to not responsible for any shits.
Let's Start..
you all know about the videos you see on yt based on sqli
so you go on and copy dorks or make dorks and start working with sqli tools But u will always get bad results , small lists ! and public stuff
why you can't get good shit ?
1-not understanding the limits of sqli !
2- Dorks
3-proxies
4-tools
--------------------------------------
1-
You need to know that sql injection exploit was first discovered in 1998,
and been abused ALOT.
in past couple of years even indian programmer with 1$ hourly rate can prevent sqli in his code...
So don't expect getting gold stuff , you might find private unhacked big dbs , But rarely ...
----
2-Dorks
Dorking is the most important step in sqli ..
First
You need to understand what is dorking , and why using public dorks will lead to bad results
Dorking is simple Advanced way of searching in search engines that will give you specific and sites that is kinda hidden - and some info that is not readable on websites
Example :
1- inurl: product.php?id=
it search and return result with list of pages/sites that includes product.php and ID= (get method) in their url
intitle:shop
it will give you list with sites that have "Shop" word in their Title
etc .....
as you see it's just search engines advanced searching
Just learn dork types and make your self private dorks and be creative ,
because you if 1000 people made same dork as u , that's mean you all will get similar results...
some of dorks type and explaination
Helpful Tips:
1- use translators and translate your keywords
2- make good keywords , let ur creativity
BUT , Make sure ur keywords is relevant and getting actually result
you can test by searching manually first and check if your dork resulted a good amount of sites
----------------
3-Proxies
do you can get decent cpm while cracking netflix/dominos with public proxies ?
Nope
same for dorking
Dorking tools are simply searching and scraping search engines ...
so sites like google etc , will block your public proxies
make sure you using quality proxies for scraping
to get faster/better results !
-------------------
4-Tools
Sqli has multiple types
some tools can't deal with all types
if you used sqli dumper software , your Not-Injectable list
is actually maybe injectable with other tools like sqlmap
Consider that always use more than one tool
check your not-injectable list now with sqlmap and u might find +20% of the list is injectable
this is might give you better private db
NOTE:
i tried to simplify as much as possible this tuto for newbies , this is just a simple boost in ur journey in dumping databases to understand the full picture,
instead of copying people without understanding your mistakes etc...
i will not post any tools in these guides , just explaining to help you to improve
It will be another threads for another exploits soon
in this part i'll be focusin on SQLi and dorking in general.
NOTE: this guide for sites that u have rights to test their security, i'm/n.to not responsible for any shits.
Let's Start..
you all know about the videos you see on yt based on sqli
so you go on and copy dorks or make dorks and start working with sqli tools But u will always get bad results , small lists ! and public stuff
why you can't get good shit ?
1-not understanding the limits of sqli !
2- Dorks
3-proxies
4-tools
--------------------------------------
1-
You need to know that sql injection exploit was first discovered in 1998,
and been abused ALOT.
in past couple of years even indian programmer with 1$ hourly rate can prevent sqli in his code...
So don't expect getting gold stuff , you might find private unhacked big dbs , But rarely ...
----
2-Dorks
Dorking is the most important step in sqli ..
First
You need to understand what is dorking , and why using public dorks will lead to bad results
Dorking is simple Advanced way of searching in search engines that will give you specific and sites that is kinda hidden - and some info that is not readable on websites
Example :
1- inurl: product.php?id=
it search and return result with list of pages/sites that includes product.php and ID= (get method) in their url
intitle:shop
it will give you list with sites that have "Shop" word in their Title
etc .....
as you see it's just search engines advanced searching
Just learn dork types and make your self private dorks and be creative ,
because you if 1000 people made same dork as u , that's mean you all will get similar results...
some of dorks type and explaination
Helpful Tips:
1- use translators and translate your keywords
2- make good keywords , let ur creativity
BUT , Make sure ur keywords is relevant and getting actually result
you can test by searching manually first and check if your dork resulted a good amount of sites
----------------
3-Proxies
do you can get decent cpm while cracking netflix/dominos with public proxies ?
Nope
same for dorking
Dorking tools are simply searching and scraping search engines ...
so sites like google etc , will block your public proxies
make sure you using quality proxies for scraping
to get faster/better results !
-------------------
4-Tools
Sqli has multiple types
some tools can't deal with all types
if you used sqli dumper software , your Not-Injectable list
is actually maybe injectable with other tools like sqlmap
Consider that always use more than one tool
check your not-injectable list now with sqlmap and u might find +20% of the list is injectable
this is might give you better private db
NOTE:
i tried to simplify as much as possible this tuto for newbies , this is just a simple boost in ur journey in dumping databases to understand the full picture,
instead of copying people without understanding your mistakes etc...
i will not post any tools in these guides , just explaining to help you to improve
It will be another threads for another exploits soon
