Learn Cracking in 2022 Part 1 Introduction

[Killfrenzy]

Dorking is an art to understanding a Search engine and get desired output out of it. Like if I

want to get a eBook on google it’s hard to get that in our first result most of the time but a

dork can do it.



Let’s get this through an example:

Let’s say that the book we want is “Learn Python From Basics” and we want it as a pdf.



So I’ll Go to google and type:



ext:pdf “Learn Python From Basics”



And as a result google will provide me the URL which have a pdf in there of the book “Learn

Python From Basics”.

Now this can be done to any target with proper formatting of this dork as soon our result

isn’t banned by google.



Q- What is a Dork?

A dork is a search query which Engine reads and interpret to provide most relative result

which co-relates to query.



Q- Why we use Dork?

So simplest way of cracking is finding a website which is unprotected then exploiting

information compromising it’s lack of security measures and then use them for own

purposes.



Q- How does Dorking works?

There are basically 3 Methods which can be used to Request Data, which are:

Get, Put and Post

Our Primary Search Engines (Google & Bing) Both uses Get method to request data.



Q- How Get method works and why we use this instead of other

two?

In Get method our data is put into the URL from the form as temporary data storage.

This is the form we fill to request the data on google:

This is Google using Get Method to Provide us result (Requested data is Underlined)

Now let’s discuss about why we don’t use Put or Post method for SQL Injection.

Basically thing is in Get method, we request a website to get us the data we want But when

it comes to Post or Put we have to send Some payload there to Get Result back and we

don’t be knowing the exact payload for the website so we will be needed to go through a

long manual process to find specific payload and then start injecting malicious string which

isn’t much good for us as it will take ages to get that.



Q- What is SQL injection and How it works?

We will Understand about SQL injection using information Given Below:

https://gyazo.com/8b7e0b1f0e7d3d6edfa3709531972adf

072c578297216102ec7ff8de0fae8b01.png

Now Let’s Understand work Function of SQL injection using below Diagram:

https://gyazo.com/072c578297216102ec7ff8de0fae8b01

8b7e0b1f0e7d3d6edfa3709531972adf.png

So Conclusion is that “data is input from some variable on a site, being user operated or

automatic in the functionality of the site. Data will be sent to the server (where the website

is hosted) and complete a task.