Bu yazımızda sizler için Güncel SQL Dorkları ve Dork Yazma |2022 paylaşacağız.
Önceki yazımızda Güncel SQL Dorklar paylaşmıştık. Sizlerden aşırı ilgi gördüğü için ikinci yazıyı paylaşıyoruz.
İlgili Yazı: Buradan ilgili yazıyı okuyabilirsiniz
Sizde SQL injection dork, SQL dork 2022, dorklar, merak ediyorsanız yazımızı okumaya devam edebilirsiniz.
Dork Nedir ?
Dork, belirli kelimeleri belirleyerek arama motorları üzerinde filtreleme yapmamıza sağlayan kelimelerdir.
Güncel dorklar kullanarak da hızlı bir şekilde çok fazla SQL açıklı site bulabilirsiniz.
Güncel SQL Dorkları
Aşağıda ki dorku Google üzerinden manuel olarak aratarak siteleri tespit edebilirsiniz.
Bazı dorklar ile SQL açıklı siteleri çıkartabilirsiniz, diğer dorklar ile de Google önbelleğine kaydedilmiş admin şifrelerini tespit edebilirsiniz.
Paylaştığımız dorkların hepsi aktif olarak siteler çıkartıyor. Denenmiştir. 🙂
inurl:admin filetype:xls inurl:admin intitle:login inurl:backup filetype:mdb inurl:build.err inurl:cgi-bin/printenv inurl:odbc.ini ext:ini -cvs inurl:perl/printenv inurl:php.ini filetype:ini inurl:preferences.ini “[emule]” inurl:profiles filetype:mdb inurl:report “EVEREST Home Edition ” inurl:server-info “Apache Server Information” inurl:server-status “apache” inurl:snitz_forums_2000.mdb inurl:ssl.conf filetype:conf inurl:getmsg.html intitle:hotmail inurl:log.nsf -gov inurl:main.php phpMyAdmin inurl:main.php Welcome to phpMyAdmin inurl:netscape.hst inurl:netscape.hst inurl:netscape.ini inurl:tdbin inurl:vbstats.php “page generated” inurl:wp-mail.php + “There doesn’t seem to be any new mail.” inurl:XcCDONTS.asp ipsec.conf ipsec.secrets “detected an internal error [IBM][CLI Driver][DB2/6000]” “error found handling the request” cocoon filetype:xml “Fatal error: Call to undefined function” -reply -the -next “Incorrect syntax near” “Incorrect syntax near” “Internal Server Error” “server at” “Invision Power Board Database Error” “ORA-00933: SQL command not properly ended” “ORA-12541: TNS:no listener” intitle:”error occurred” “Parse error: parse error, unexpected T_VARIABLE” “on line” filetype:php “PostgreSQL query failed: ERROR: parser: parse error” “Supplied argument is not a valid MySQL result resource” “Syntax error in query expression ” -the “The script whose uid is ” “is not allowed to access” “There seems to have been a problem with the” ” Please try again by clicking the Refresh button in your web browser.” “Unable to jump to row” “on MySQL result index” “on line” “Unclosed quotation mark before the character string” “Warning: Bad arguments to (join|implode) () in” “on line” -help -forum “Warning: Cannot modify header information – headers already sent” “Warning: Division by zero in” “on line” -forum “Warning: mysql_connect(): Access denied for user: ‘*@*” “on line” -help -forum “Warning: mysql_query()” “invalid query” “Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL” “Warning: Supplied argument is not a valid File-Handle resource in” “Warning:” “failed to open stream: HTTP request failed” “on line” “Warning:” “SAFE MODE Restriction in effect.” “The script whose uid is” “is not allowed to access owned by uid 0 in” “on line” “SQL Server Driver][SQL Server]Line 1: Incorrect syntax near” An unexpected token “END-OF-STATEMENT” was found Coldfusion Error Pages filetype:asp + “[ODBC SQL” filetype:asp “Custom Error Message” Category Source filetype:log “PHP Parse error” | “PHP Warning” | “PHP Error” filetype:php inurl:”logging.php” “Discuz” error ht://Dig htsearch error IIS 4.0 error messages IIS web server error messages Internal Server Error intext:”Error Message : Error loading required libraries.” intext:”Warning: Failed opening” “on line” “include_path” intitle:”Apache Tomcat” “Error Report” intitle:”Default PLESK Page” intitle:”Error Occurred While Processing Request” +WHERE (SELECT|INSERT) filetype:cfm intitle:”Error Occurred” “The error occurred in” filetype:cfm intitle:”Error using Hypernews” “Server Software” intitle:”Execution of this script not permitted” intitle:”Under construction” “does not currently have” intitle:Configuration.File inurl:softcart.exe MYSQL error message: supplied argument…. mysql error with query Netscape Application Server Error page ORA-00921: unexpected end of SQL command ORA-00921: unexpected end of SQL command ORA-00936: missing expression PHP application warnings failing “include_path” sitebuildercontent sitebuilderfiles sitebuilderpictures Snitz! forums db path error SQL syntax error Supplied argument is not a valid PostgreSQL result warning “error on line” php sablotron Windows 2000 web server error messages “ftp://” “www.eastgame.net” “html allowed” guestbook “: vBulletin Version 1.1.5” “Select a database to view” intitle:”filemaker pro” “set up the administrator user” inurl:pivot “There are no Administrators Accounts” inurl:admin.php -mysql_fetch_row “Welcome to Administration” “General” “Local Domains” “SMTP Authentication” inurl:admin “Welcome to Intranet” “Welcome to PHP-Nuke” congratulations “Welcome to the Prestige Web-Based Configurator” “YaBB SE Dev Team” “you can now password” | “this is a special page only seen by you. your profile visitors” inurl:imchaos (“Indexed.By”|”Monitored.By”) hAcxFtpScan (inurl:/shop.cgi/page=) | (inurl:/shop.pl/page=) allinurl:”index.php” “site=sglinks” allinurl:install/install.php allinurl:intranet admin filetype:cgi inurl:”fileman.cgi” filetype:cgi inurl:”Web_Store.cgi” filetype:php inurl:vAuthenticate filetype:pl intitle:”Ultraboard Setup” Gallery in configuration mode Hassan Consulting’s Shopping Cart Version 1.18 intext:”Warning: * am able * write ** configuration file” “includes/configure.php” – intitle:”Gateway Configuration Menu” intitle:”Horde :: My Portal” -“[Tickets” intitle:”Mail Server CMailServer Webmail” “5.2” intitle:”MvBlog powered” intitle:”Remote Desktop Web Connection” intitle:”Samba Web Administration Tool” intext:”Help Workgroup” intitle:”Terminal Services Web Connection” intitle:”Uploader – Uploader v6″ -pixloads.com intitle:osCommerce inurl:admin intext:”redistributable under the GNU” intext:”Online Catalog” -demo -site:oscommerce.com intitle:phpMyAdmin “Welcome to phpMyAdmin ***” “running on * as root@*” intitle:phpMyAdmin “Welcome to phpMyAdmin ***” “running on * as root@*” inurl:”/NSearch/AdminServlet” inurl:”index.php? module=ew_filemanager” inurl:aol*/_do/rss_popup?blogID= inurl:footer.inc.php inurl:info.inc.php inurl:ManyServers.htm inurl:newsdesk.cgi? inurl:”t=” inurl:pls/admin_/gateway.htm inurl:rpSys.html inurl:search.php vbulletin inurl:servlet/webacc natterchat inurl:home.asp -site:natterchat.co.uk XOOPS Custom Installation inurl:htpasswd filetype:htpasswd ntitle:”Browser Launch Page” intitle:”DocuShare” inurl:”docushare/dsweb/” -faq -gov -edu intitle:”EverFocus.EDSR.applet” intitle:”Index of” “.htpasswd” “htgroup” -intitle:”dist” -apache -htpasswd.c intitle:”Index of” .bash_history intitle:”Index of” .mysql_history intitle:”Index of” .mysql_history intitle:”Index of” .sh_history intitle:”Index of” cfide intitle:”index of” etc/shadow intitle:”index of” htpasswd intitle:”index of” intext:globals.inc intitle:”index of” master.passwd intitle:”index of” members OR accounts intitle:”index of” passwd intitle:”Index of” passwords modified intitle:”index of” people.lst intitle:”index of” pwd.db intitle:”Index of” pwd.db intitle:”index of” spwd intitle:opengroupware.org “resistance is obsolete” “Report Bugs” “Username” “password” intitle:open-xchange inurl:login.pl inurl:”:10000″ intext:webmin inurl:”8003/Display?what=” inurl:”auth_user_file.txt” inurl:”GRC.DAT” intext:”password” inurl:cgi inurl:cgiirc.config inurl:config.php dbuname dbpass inurl:data inurl:default.asp intitle:”WebCommander” inurl:”ViewerFrame?Mode=” inurl:”wvdial.conf” intext:”password” inurl:”wwwroot/ inurl:/Citrix/Nfuse17/ inurl:/db/main.mdb inurl:/wwwboard inurl:access inurl:admin filetype:db inurl:asp inurl:buy inurl:ccbill filetype:log inurl:download inurl:file inurl:filezilla.xml -cvs inurl:forum inurl:home inurl:hp/device/this.LCDispatcher inurl:html inurl:iisadmin inurl:inc inurl:info inurl:lilo.conf filetype:conf password -tatercounter2000 -bootpwd -man inurl:list inurl:login filetype:swf swf inurl:mail inurl:midicart.mdb inurl:names.nsf?opendatabase inurl:new inurl:nuke filetype:sql inurl:order inurl:ospfd.conf intext:password -sample -test -tutorial -download inurl:pages inurl:pap-secrets -cvs inurl:passlist.txt inurl:support inurl:user inurl:vtund.conf intext:pass -cvs s inurl:web inurl:zebra.conf intext:password -sample -test -tutorial -download LeapFTP intitle:”index.of./” sites.ini modified Sorumluluk Reddi: Burada anlatılanların tamamı bilgilendirme amaçlıdır. Dorkların kötüye kullanımından Siber Güvenlik Portalı kesinlikle sorumluluk almaz.