Scribd
Upload
478 views13 pages

SQL Vulnerability Exploit Guide

1. The document provides steps to generate targeted dorks, find vulnerable URLs, and dump databases from SQL injection vulnerabilities. It involves using tools like MangoKeywords, RxP Parser, and SqliDumper to generate dorks from keywords and parameters, scan URLs for SQLi vulnerabilities, and extract data from vulnerable databases. 2. Key steps include generating keywords, making dorks with MangoKeywords, parsing dorks with RxP Parser to find URLs, scanning URLs for SQLi vulnerabilities, and using SqliDumper to dump data from vulnerable databases. 3. The goal is to generate targeted dorks to find shopping websites, scan those sites for SQLi issues

Uploaded by

darkelfist7
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
478 views13 pages

SQL Vulnerability Exploit Guide

1. The document provides steps to generate targeted dorks, find vulnerable URLs, and dump databases from SQL injection vulnerabilities. It involves using tools like MangoKeywords, RxP Parser, and SqliDumper to generate dorks from keywords and parameters, scan URLs for SQLi vulnerabilities, and extract data from vulnerable databases. 2. Key steps include generating keywords, making dorks with MangoKeywords, parsing dorks with RxP Parser to find URLs, scanning URLs for SQLi vulnerabilities, and using SqliDumper to dump data from vulnerable databases. 3. The goal is to generate targeted dorks to find shopping websites, scan those sites for SQLi issues

Uploaded by

darkelfist7
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

Rxploit Detailed Combo

Method

What we are going to go throw in this guide!

1. Make keyword
2. Get Parameters
3. Make Targeted Dorks
4. Parse Dorks
5. Gather Urls
6. Vulnerability Scan Urls
7. Dump Sql Urls

Lets Start!
1. Keyword

1. The best way to get only good keywords is


to use Google Ads. Google ads only shows
you the best and newest keywords. You just
have to go to this page and create an account
there. ads.google.com After you have created
your account, go to the Tools and Settings
section.
2. There you will find a keywords planner. In
this planner you can now set the region to USA
to get the most valid keywords.

3. If you then enter gaming there, you will only


get games suggested as keywords. Of course
you can use it. If you do this several times with
new keywords, the quality of your new
keywords increases.

4. To improve you quality i use a tool called


mango. This tool is now free and are in my
discord! Mango helps me improve my
keywords alot. Mango will change your
Keywords to the best. You put in your short
keywords (1 word) in, And mango give you a
keyword back with 5 words or even more.

2. Get Parameters

1. Now Lets get Some Shopping Parameters

2. Im using chatgpt for this so i asked him:


generate a list of keywords that are often used
in website urls in between ? and =
for example:
Https://shoppingwebsite.com/d.php?buy=

Generate 100 words inbeetwen ? and =

3. When you got the parameters save it


somewhere on your pc.

3. Make Dorks
1. Download MangoKeywords In My Discord

2. Navigate To Utilities Tab And Find


DorkMaker

3. Now Click Start Ones And You Should Find


Your Find A New Folder Where
MangoKeywords Is Located.

4. Now Go To PageParameters.txt And Then


Paste The Parameters You Just Made.

4. Now Find Keywords.txt And Paste The List


Of Keywords Into Keywords.txt

5. Now Navigate To DorkTypes.txt And Paste In


This:
inurl:php (kw) inurl:?(pr)= "(pt)"
6. We Use (PT) Because We Dont Have (Kw2)
Like In Dorky Dorker.

7. Now Handwrite Some Seconds Keywords To


Make Your Dorks Better.

For Second Keywords You Just Want To Have


Something Simple For Your Target.
Im Targeting Shopping So Here Are A Few
Good Shopping Keywords.

Buy
Shop
Discount

8. Now Navigate To Pagetype.txt And Paste In


Your Keywords2

7. We use Second Keywords To Strengthening


The Targeting.

8. My Kw2 List Is Like This:

Buy
Shop

9. Now Go Back To MangoKeyword Input The


List How Many Dorks You Want To Make Then
Click Start.

10. Done Your Dorks Should Be In Results


Folder Then Dork Maker Folder.
4. Parse Dorks

1. Download The RxP Parser In My Discord


And Run The Tool.

2. Then Paste Your List Of Dorks Into Dorks.txt

3. Login Then Click Start. You Are Now Going


To See Urls Flood Into Urls.txt

4. Let It Gather A Big Amount Of Urls Then


Your Done.

5. Vulnerability Scan

1. Open MangoKeywordsGui.exe

2. Go To Vuln Scanner Tab Then Click Start.

3. Input The Urls You Gathered From RxP In


Urls.txt

4. Wait Until Done Then You Go To Results


Folder And Then SQLi Vulnerability Scanner
Folder.

5. Don't Use The Urls From Allvuln.txt or


wafs.txt Use The Other Ones Like Mysql.txt
And All The Other Ones.

6. Copy The Urls Into One .txt File.

7. Now Your Done Lets Get Into The Fun Part!


( DUMPING COMBO LIST )
7. Dump Combo

1. Download This Tool Called Sqli Dumper


From Github!

https://github.com/AngelSecurityTeam/SQLiDu
mper-AngelSecurityTeam

2. Remove These Folders Named


IMG
LNG
TXT
XML

3. Now Open Sqli Dumper.exe

4. Copy All The Vulnerable Urls From Where


You Saved Them.
5. Now Right Click Where On The White Field
And Click Add Urls.

6. Go To SQL Injection Tab Then Change


Threads To What You want. Then Click Start
Scanner
7. Wait Until Its Done.

8. When Its Done You Want To Add The Things


You Want To Dump.

9. When You Clicked

10. Click On 1 urls Above And Then Press


Ctrl + A So All Urls Get Blue.

11. Click On The Start Search Button.


And You Should See This:
12. Click On The Url You Want To Dump Like
This Then Click Go To Dumper Then Dumper
Form.

13. Go To Data Dumper Tab And Click On One


Of The Tables.
14. Click The Button Get Columns Then Click
On The Buttons You want To Dump:

15. Change Threads And Click Dump Data:


16. Done!

Thanks For Your Time


Broskis!

You might also like