SQL Injection types

Boolean Based Blind SQL Injection For SQLMap, a Boolean based blind is a technique where in there is a lot of involvement of HTTP request and response reading character by character, comparison and detecting the right output. Once a vulnerable parameter is detected, SQLMap replaces or appends syntactically valid SQL statements for which we can expect some output. Say, there is an original un-tampered request with a vulnerable parameter, it has certain response and in next stage there is a request-response from an injected statement, then...

Read More

Top 10 Sql Injection tools

10 Powerful SQL Injection Tools That Penetration Testers Can Use 1. BSQL Hacker This is a useful tool for both experts and beginners that automates SQL Injection attacks on websites. Download: http://flexydrive.com/q75te2c2banl 2. The Mole This is an SQL Injection tool that uses the union technique or the boolean query-based technique. Download: http://flexydrive.com/3pr6tjhb0b8p 3. Pangolin This is a penetration testing tool developed by NOSEC. It is aimed at detecting and exploiting SQL injection vulnerabilities on websites. Download:...

Read More

How to add Workspace In Metasploit kali linux

Jai Hind I am DeadManINDIA from (IHT) 1ND14N H4X0R5 T34M We are :- EagleShadow,Null_Port_Govind,Mr.R@66!T,Haxor-Rahul,Spy-Hunter,Grey-Noob,Karate-Katrina. Love to :- My Mom And My Dad. Today we will discuss on the how to add the workspace in metasploit in kali linux . lets go  Setup 1 :- first of all start the database and metasploit services with the help of these commands.  1st :- service postgresql start 2nd :- service metasploit...

Read More

#‎HOW_TO_CHANGE_NAME_OF_A_FACEBOOK_FANPAGE_AFTER_200_LIKES‬:

As we know we can't change page name just after 200 likes. Means you are only able to change page name just before completing 200 likes on page and then after the option will be disappears and page name got fixed. In that condition suppose your page have 10,000+ or 200+ likes but you decide to change your business name then its a great problem because their is not possible way to shift. ►Steps For Changing Page Name: 1.Open Google Chorme Browser 2.goto Settings 3. Show Advance Setting 4.Change Proxy Set IP 5.212.138.92.17 port...

Read More

101 Top Tools For System And Network Admins!

...

Read More

How to use Plecost Tool for scanning wordpress sites

Jai Hind friends I am DeadManINDIA From IHT(1ND14N H4X0R5 T34M). We are :- Null_Port_Govind,Haxor-Rahul,EagleShadow,Spy-Hunter,Grey-Noob,                 Mr.R@66!T,Karate-Katrina. Love to :- My Mother,My Father . Today i m going to explain how to scan wordpress website with the help of Plecost in kali linux. Steups :- 1  Change the directory like this and come in...

Read More

How to Use BlindElephant tool in kali linux

Jai Hind Friends I am DeadManINDIA as u know today i m going to explain how we use the BlindElephan.py tool in kali linux. Greetz To :- Null_Port_Govind,EagleShadow,Haxor Rahul,Mr.R@66!T,Grey-Noob,Spy-Hunter,Karate-Katrina,IndiWar,X-MAN-INDIA,Satish Choudhary ,Mahi Di. Love to ----->>>>My Mother And My Father. So lets Start :-   1 Open Terminal and type BlindElephant.py Like this 2  Read The Options carefully and...

Read More

How to add plugin in OllyDbugger kali linux

Hell Friend I m DeadManINDIA From 1ND14N H4X0R5 T34M (IHT)                                        JAI HIND                                JAI BHARAT   Love to :- My Father,My...

Read More

Adobe PDF Embedded EXE Social Engineering exploit

Adobe PDF Embedded EXE Social Engineering exploit   Lets Begin :1) Prepare a .pdf file that you wish to embed within the malicious file. This file will greet the target when he executes the malicious file. So pick something related to the theme of his job, for example if he is a doctor then send him some medical bullshit .pdf you find on the net. 2) Load up msfconsole and type : search pdf embed 3) You know the drill, for more information on the exploit type : info exploit/windows/....../....../....../ 4) Read through...

Read More

PhpmyAdmin Exploit with Google Dorks

Hello Reader! Today Im going to show you how to exploit PHPmyAdmin with google Dorks. You dont nedd to do any thing no login nothing just put the dork and open any site you will directly go to PHPmyAdmin :).. So let's Start... Follow the Instructions:- 1). Enter the following Dork in Google. Dork: allinurl:index.php?db=information_schema 2). It will show you about 80,800 Results. So now you can guess how many Vuln  sites are...

Read More

Secure Joomla sites

ecurity of Joomla Website by Htaccess Htaccess is a configuration file from web servers that run Apache as their server software. It is a very powerful configuration file which can control the server. Htaccess is a hidden file which should be already present in the root directory of your server. If it’s not, then you can create it, but make sure that the right name of the file is “.htaccess” (yes, it starts with a dot). Since we can do so...

Read More

HEART BLEED TOOLS (OPEN SSL)

HEART BLEED TOOLS (OPEN SSL) CHECKER: https://github.com/FiloSottile/Heartbleed ssltest.py: Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford http://pastebin.com/WmxzjkXJ SSL Server Test : https://www.ssllabs.com/ssltest/index.html Metasploit Module:  https://github.com/rapid7/metasploit-framework/pull/3206/files Nmap NSE script: Detects whether a server is vulnerable to the OpenSSL Heartbleed:  https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse Nmap...

Read More

Israel Private 0Day Shell Upload Exploits ASP|PHP

Hey Guyz ..Today I found some FRESH Private Israel 0Day Exploits . So i thought of sharing with you all....So lets Start.... 1). First 0Day Shell Upload ASP | PHP # Google Dork -|- 'prod1.aspx?pid=' site:il or You can also create your own Dork # Exploit Upload 1 -|- /admin/adminbanners.aspx # Exploit Upload 2 -|-  /admin/AdminPics.aspx When you upload your asp or php shell just Check Code Source of the page you will see your url Shell example: /banners/1a62aa_bddf_4e3d_8464_f0f62ac8c7.asp # DEMO SHELL -|-  http://littlebags.co.il/banners/1dea62aa_bddf_4e3d_8464_f640f62ac8c7.asp 2)....

Read More

Sim-Cloning tut

1. Buy a Sim card Reader 2.Need a Blank sim card or super sim card 3.Download Magicsim at http://www.magicsim.com/en/multi-sim.asp? new_id=6 4. Download http://www.filecart.com/Windows/System-Utilities/Backup-Restore/USB-SIM-Card-Reader- Software_1711_1.html 5. Install programs. 6. go in phone tools, select sim card, then select unlock sim, it will promt for a code. 7 call network provider, they will ask for your phone number, your account info, name and security code, then they will ask why you want to unlock your simcard, just tell them you...

Read More

Remote Code Execution (RCE)

Remote Code Execution (RCE) I'm going to demonstrate you the Remote Code Execution vulnerability. The main reason of this vulnerability is taking the un-filtered user input as a part of the command that will be executed. Injection vulnerabilities (SQL, XPath, LDAP etc.) can be classified as RCE Vulnerabilities. For example our source code will be like this; PHP Code: <?php <html><a href="?cmd=echo %TIME%">View Time</a><br><? if(isset($_GET['cmd'])) print "<b>Current Time: </b> " . shell_exec($_GET['cmd']); ?></html>  As...

Read More

Bypassing AirWatch Root Restriction

Mobile devices are becoming more common in corporate environments. As a result, mobile device management solutions (MDM) have cropped up so that employers can remotely manage and wipe devices if necessary along with setting certain requirements that employees must comply with, such as setting a passcode, encrypting the device, and not jailbreaking or rooting the device. It’s certainly not a bad idea to enforce restrictions on devices that...

Read More

RFI Full Tutorial For All New N00bs

Intro: What is RFI?? 1.Understanding RFI 2.Finding RFI vulnerabilities 3.Exploiting RFI vulnerabilities 4.Securing RFI vulnerabilities RFI means Remote file inclusion.  RFI is a type of web application security hole. On the net, there are so many sites which are vulnerable to RFI. In this tutorial, I am going to show you RFI with PHP.  PHP is a web script engine. Its the most widely used one so that's why I am using it in this tutorial. Learn more about PHP: http://php.net http://en.wikipedia.org/wiki/PHP To...

Read More