Pages

Subscribe:

Monday, June 18, 2012

Automated Blind SQL Injection Attacking Tool

Though manual sql injection is best but we may need to use tool for sql injection. When sql injection url don't show error message and we find it as a blind sql injection vulnerability then we use it. There are many tools in internet.
One of the best tool for blind sql injection is BSQLBF expanded as Blind Sql Injection Brute Forcer.

Supported Database:
  • MS-SQL
  • MySQL
  • PostgreSQL
  • Oracle
It supports 8 kind of attacking:
back-end server to true & error (e.g syntax error) >>> Blind SQL Injection
Blind SQL Injection  “order by” & “group by”
SYS privileges (ORACLE dbms_export_extension exploit ) >>> Find Data
O.S code execution (ORACLE dbms_export_extension exploit)
Read file (ORACLE dbms_export_extension exploit, java)
O.S code execution DBMS_REPCAT_RPC.VALIDATE_REMOTE_RC exploit
O.S code execution SYS.KUPP $PROC.CREATE_MASTER_PROCESS(), DBA Privs
O.S code execution DBMS_JAVA_TEST.FUNCALL, java IO Permissions

Download BSQLBF
read more "Automated Blind SQL Injection Attacking Tool"

Download IDM 6.08 Build 9 With Patch [Mediafire Link]

IDM is the fastest download accelerator software. Basically it is a premium software but in internet there are many free version. Maximum are fake or have some trouble in use. IDM 6.08 build 9 version have some extra features like speed limit and many more. So you can get a fresh mediafire link of IDM.
Download Link



read more "Download IDM 6.08 Build 9 With Patch [Mediafire Link]"

Saturday, June 9, 2012

PHP Script to Decrypt All Type of Hash

When to gain the admin information sometimes we get the password in hash. You should decrypt it into plain text. Now I share with you a php script to crack it. Open your notepad and paste the script. Then save it as php format like anything.php and save as type must be all files.







read more "PHP Script to Decrypt All Type of Hash"

Thursday, June 7, 2012

String Based SQL Injection Full Tutorial

Some days ago I posted a highly detailed tutorial about sql injection. You may face some problem like below:

www.site.com/index.php?id=1 order by 5--  >>> no error
www.site.com/index.php?id=1 order by 100--  >>>no error

If you face this kind of problem you should use string based sql injection. Follow me:

www.site.com/index.php?id=1' order by 100--+  >>>error

For string based sql injection give (+) at last. And add (') after value like id=1'

Example:
See the pic below.

I used order by 100-- but there are no error. Now I use string based sql injection. See another pic.

Yes. We got error. Now do other action as usual. Get mysql injection tutorial from here.
read more "String Based SQL Injection Full Tutorial"

Monday, June 4, 2012

How to Get IP Address Of a Victim [Best Script]

Hello for hacking a pc or hack someone it is needed to know victim's ip address. We may face some problem about that. Ok today I give you the best script to find the victim's ip address.

What is needed?
- A free web hosting.
- IP caching script.

About the script
This script catches the IP addresses , active ports , Cookies , Web-Browser name , Date and time on the victims computer etc.
How to do?
1. Create an account on 000webhost.com and into its member area.
2. Now go to the cpanel of your domain.
3. Then scroll down and select file manager.
4. Now upload your ip caching script in public_html folder at .php format.
5. Now create a .txt file named logs.txt
6. Give the script link to the victim and when he click on the link you will get ip address, cookie, ports etc in your logs.txt folder.

See the demo pic of this script


Download the script
To get this script click here.

read more "How to Get IP Address Of a Victim [Best Script]"
Related Posts Plugin for WordPress, Blogger...
 

Alexa Rank

Review www.allitemz.blogspot.com on alexa.com

Total Pageviews

Your IP

what is my ip address?
back to top