- by x32x01 ||
To the folks asking and looking for real sites with vulnerabilities to practice on:Personally, it’s a very simple Python script to look for SQL injection flaws, and you’ll find plenty of vulnerable sites.
And of course, hackers - the script is open for everyone to improve and develop.
Python:
from googlesearch import search
import time
dorks = [
"inurl:/list_blogs.php?sort_mode=",
"inurl:/eventdetails.php?*=",
"inurl:/commodities.php?*id=",
"inurl:/recipe-view.php?id=",
"inurl:product.php?mid=",
"inurl:view_ad.php?id=",
"inurl:/imprimir.php?id=",
"inurl:/prodotti.php?id=",
"inurl:index.cgi?aktion=shopview",
"inurl:/default.php?id=",
"inurl:/default.php?portalID=",
"inurl:/*.php?id=",
"inurl:/articles.php?id=",
"inurl:/os_view_full.php?",
"inurl:/Content.asp?id=",
"inurl:/CollectionContent.asp?id="
]
def search_with_dorks(query, num_results=5):
print(f"Searching for: {query}")
found_urls = []
for url in search(query, num_results=num_results):
found_urls.append(url)
print(f"Found: {url}")
time.sleep(2)
return found_urls
if __name__ == "__main__":
print("Script to search Google using specified Dorks")
for dork in dorks:
results = search_with_dorks(dork, num_results=5)
if results:
print(f"\nResults for '{dork}':")
for site in results:
print(site)
else:
print(f"\nNo results found for '{dork}'")
print("-" * 50)
