OP 05 October, 2022 - 01:46 PM
(This post was last modified: 05 October, 2022 - 06:26 PM by FatherKing.)
Dorking is an art to understanding a Search engine and get desired output out of it.
Like if I want to get a eBook on google it’s hard to get that in our first result most of the time but a dork can do it.
Let’s get this through an example:
Let’s say that the book we want is “Learn Python From Basics” and we want it as a pdf.
So I’ll Go to google and type: ext:pdf “Learn Python From Basics”
And as a result google will provide me the URL which have a pdf in there of the book “Learn Python From Basics”.
Now this can be done to any target with proper formatting of this dork as soon our result
isn’t banned by google.
What is a Dork?
A dork is a search query which Engine reads and interpret to provide most relative result
which co-relates to query.
Why we use Dork?
So simplest way of cracking is finding a website which is unprotected then exploiting information compromising it’s lack of security measures and then use them for own purposes.
How does Dorking works?
There are basically 3 Methods which can be used to Request Data, which are:
Get, Put and Post
Our Primary Search Engines (Google & Bing) Both uses Get method to request data.
How Get method works and why we use this instead of other two?
In Get method our data is put into the URL from the form as temporary data storage.
This is the form we fill to request the data on google:
This is Google using Get Method to Provide us result (Requested data is Underlined)
Now let’s discuss about why we don’t use Put or Post method for SQL Injection.
Basically thing is in Get method, we request a website to get us the data we want But when
it comes to Post or Put we have to send Some payload there to Get Result back and we
don’t be knowing the exact payload for the website so we will be needed to go through a
long manual process to find specific payload and then start injecting malicious string which
isn’t much good for us as it will take ages to get that.
What is SQL injection and How it works?
So Conclusion is that “data is input from some variable on a site, being user operated or automatic in the functionality of the site.
Data will be sent to the server (where the website is hosted) and complete a task.
I`ll make a new thread soon all for SQL Injection so stay tuned
Like if I want to get a eBook on google it’s hard to get that in our first result most of the time but a dork can do it.
Let’s get this through an example:
Let’s say that the book we want is “Learn Python From Basics” and we want it as a pdf.
So I’ll Go to google and type: ext:pdf “Learn Python From Basics”
And as a result google will provide me the URL which have a pdf in there of the book “Learn Python From Basics”.
Now this can be done to any target with proper formatting of this dork as soon our result
isn’t banned by google.
What is a Dork?
A dork is a search query which Engine reads and interpret to provide most relative result
which co-relates to query.
Why we use Dork?
So simplest way of cracking is finding a website which is unprotected then exploiting information compromising it’s lack of security measures and then use them for own purposes.
How does Dorking works?
There are basically 3 Methods which can be used to Request Data, which are:
Get, Put and Post
Our Primary Search Engines (Google & Bing) Both uses Get method to request data.
How Get method works and why we use this instead of other two?
In Get method our data is put into the URL from the form as temporary data storage.
This is the form we fill to request the data on google:
This is Google using Get Method to Provide us result (Requested data is Underlined)
Now let’s discuss about why we don’t use Put or Post method for SQL Injection.
Basically thing is in Get method, we request a website to get us the data we want But when
it comes to Post or Put we have to send Some payload there to Get Result back and we
don’t be knowing the exact payload for the website so we will be needed to go through a
long manual process to find specific payload and then start injecting malicious string which
isn’t much good for us as it will take ages to get that.
What is SQL injection and How it works?
So Conclusion is that “data is input from some variable on a site, being user operated or automatic in the functionality of the site.
Data will be sent to the server (where the website is hosted) and complete a task.
I`ll make a new thread soon all for SQL Injection so stay tuned
This is a bump
Leave a Like to support me
