SQLi Using Google Dorks


Using Google dorks we can find SQL injection.

Use this keyword: site:test.com intext:”sql syntax near” | intext:”syntax error has occurred” | intext:”incorrect syntax near” | intext:”unexpected end of SQL command” | intext:”Warning: mysql_connect()” | intext:”Warning: mysql_query()” | intext:”Warning: pg_connect()”

In site just give your site.

If the domain contain any SQL errors we can find here.

Here we got that vulnerable endpoint. So we can start exploiting. Using manual methods or else use sqlmap.