Tuesday, 20 November 2012

SQL Injection

What is SQL Injection:
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.


This guide is for educational purposes only. Please don't misuse it.

Step-by-Step tutorial for SQL Injection


Tuesday, 13 November 2012

How To Trace an Email [Noob Friendly]

Generally, the path taken by an email while traveling from sender to receiver can be explained by the following diagram.




So here is the method of tracing the exact location from the email sent. I am showing the email tracing on Gmail here, but Yahoo and other mail providing services have the same concept.

Step 1: First open up your email account and click on your inbox.

Saturday, 13 October 2012

Change Start Button





To get this on your computer, follow the exact steps below.

Step 1 - Modify Explorer.exe File

In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file, it requires a special editor. For purposes of this article I have used Resource Hacker. Resource Hacker™ is a freeware utility to view, modify, rename, add, delete and extract resources in 32-bit Windows executable and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.

Get it from http://delphi.icm.edu.pl/ftp/tools/ResHack.zip

The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer.exe. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.

Sunday, 19 August 2012

Free Vpn LifeTime



To see how to set up a VPN (skip the ads), refer to:
http://cur.lv/4gpa
http://cur.lv/4gpc
http://cur.lv/4gpd

Features of Free Canada VPN

2Mbit/s dedicated high speed internet connection from premium Canada data center for each VPN session, up to 50Gbps total bandwidth to world;
Encrypts and compresses all web browsing traffic;
Bypasses local ISP's traffic shaping and websites blocking;
Hiding online tracks from internet sniffing & web filtering system Websense;
No logs, no traces, no VPN activity history saved on our VPN side;
Your real internet IP is hidden when using our VPN service;
Working with Microsoft Windows XP/Vista/7, Apple Mac OSX, Linux Ubuntu, iPhone, iPad, Google Android, WM65 and most network appliances;


VPN account information:

PPTP VPN Server Hostname: freecanadavpn.com
PPTP VPN Encryption Mode: Auto
PPTP VPN Username: free
PPTP VPN Password: (visit http://cur.lv/4gpi) (Skip The ad)
(Check the top right corner.) The password changes daily to avoid abuse of the VPN.


For more VPN servers visit: http://cur.lv/4gph (skip the ad)

Facebook chatbox Image share

Did you ever think of sending images while chatting on Facebook?

Hell Yeah!! I am talking about sending and watching images in the chat box...




Introduction To XSS



What is XSS?
Cross-site scripting holes are web-application vulnerabilities that allow attackers to bypass client-side security mechanisms normally imposed on web content by modern web browsers. By finding ways of injecting malicious scripts into web pages, an attacker can gain elevated access-privileges to sensitive page content, session cookies, and a variety of other information maintained by the browser on behalf of the user. Cross-site scripting attacks are therefore a special case of code injection.
There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based.

Let's begin!

The vulnerable URL:

http://www.xxx.xx/forum/search.php?id=yyyy
http://www.xxx.xx/xxxx/xxxxxx.php?xx=&yy=yy

Here, yy is the place where you can put your script for execution
or
http://www.xxx.xx/forum/?page_id=&5infor...user=admin

It can be any URL that submits your query to the server to execute your script.

First you need to register on the victim website so that you get permission to post and place comments. If you can search and comment without registering, that's OK, but often you will need to register and place your scripts to record the cookies.

To the example:

The URL:
http://www.xxx.xx/forum/search.php?id=yyyy

Now we will replace the 'yyyy' in the example with a script to check whether it is vulnerable to XSS or not.

 The script

<script>alert("TEST")</script>

You can find a huge list of scripts for checking whether websites are vulnerable to XSS here: http://leethacks.net/thread-1015.html

If you get a popup on your screen saying "Test" after executing this, then the website is vulnerable to XSS!
But we need to find the source, and if the source contains your script then you are on!
The code of your script might be changed in the source; the quotes might have been filtered or altered, but that doesn't matter....we are gonna use
Congrats! Now we can try to get admin cookies.

Now we are using the String.fromCharCode option.

http://www.wocares.com/noquote.php

Select Javascript (String.fromCharCode, unescape)

Type in "TEST" and we get this:

Code:

String.fromCharCode(116,101,115,116)

Okay, now use this in place of "TEST".
So our address should now look like this:

Code:

value=''/><script>alert(String.fromCharCode(116,101,115,116))</script>

Okay, after we have done this, go back to the first page where you selected the posts of the admin and replace admin again, but now with our new results!
It should look like this:
Code:
http://www.xxx.xx/xxx/search.php?id='/%3Cscript%3Ealert(String.fromCharCode(116,101,115,116))%3C/script%3E

Congrats, you successfully hacked a website with XSS!
Now you can search for cookies!
Just use the same method as before!
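
Seen from the defending side, the steps above show that removing quote characters does not stop a reflected script, while HTML-encoding the output does. The following is an added example, not code from the original post: renderWeak, renderSafe and the "Results for" template are hypothetical stand-ins for search.php, and the log entry is constructed.

```javascript
// Added example, not code from the original post. renderWeak, renderSafe and
// the "Results for" template are hypothetical stand-ins for search.php.

// Weak filter: removes quote characters only, then reflects into the page body.
function stripQuotes(s) {
  return String(s).replace(/['"]/g, "");
}
function renderWeak(id) {
  return "<p>Results for: " + stripQuotes(id) + "</p>";
}

// Hardened: HTML-encode every character that is significant in markup.
const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ENTITIES[c]);
}
function renderSafe(id) {
  return "<p>Results for: " + escapeHtml(id) + "</p>";
}

// Crude check for element-body context: is a script tag still live markup?
function hasLiveScriptTag(html) {
  return /<script\b/i.test(html);
}

// Log-review helper: decode String.fromCharCode(...) calls found in a
// URL-encoded query string so the hidden text is visible to an analyst.
function decodeCharCodeCalls(rawQuery) {
  let text = rawQuery;
  try {
    text = decodeURIComponent(rawQuery);
  } catch (e) {
    // Malformed percent-escapes: fall back to scanning the raw string.
  }
  const calls = text.matchAll(/String\.fromCharCode\(([\d\s,]+)\)/g);
  return Array.from(calls, (m) =>
    String.fromCharCode(...m[1].split(",").map((n) => parseInt(n, 10)))
  );
}

// The test string from the post, with alert()'s closing parenthesis in place.
const probe = "'/><script>alert(String.fromCharCode(116,101,115,116))</script>";
// Constructed log entry: the same value as it would appear URL-encoded.
const loggedQuery = "id='/%3Cscript%3Ealert(String.fromCharCode(116,101,115,116))%3C/script%3E";

console.log(hasLiveScriptTag(renderWeak(probe))); // quote filter alone
console.log(hasLiveScriptTag(renderSafe(probe))); // HTML-encoded output
console.log(decodeCharCodeCalls(loggedQuery));
```

The character codes 116,101,115,116 decode to lowercase "test". The same encoding step belongs at every point where request data is written into HTML, not only on the search page.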

Getting Free Domains and Hosting

How to get FREE Domains + Hosting

I recommend that you have the following programs:
– Google Chrome (for translating the website) // https://www.google.com/chrome/

– HideMyIP (or any other IP hider) // http://hide-my-ip.com/

Before you start, please check all my tips!
– Use HideMyIP or any IP hider.
– Clear your cookies.
– Never use your personal email.
– Log on to your FTP every month so it stays active.

I put here a list of downloads and links for you.
Hotmail // http://www.hotmail.com
Mijndomein // http://www.mijndomein.nl/

Step 1:
Create a Hotmail account (link above).