News
Tools Hacker
How to upload backdoor into the target site
Selasa, 19 Juli 2011
There may be constraints well after the takeover sqli bugs via the web, we just dapet access to the admin panel, be content if there fitus cmsnya upload pictures, hehehe: D barriers are just upload pictures, upload php? t If the target CMS Joomla you can change the file can be uploaded in the media in the settings in Global Configuration tab in the system plus the php extension and then save. After that upload your shell in media management. your shell will be ...
There may be constraints well after the takeover sqli bugs via the web, we just dapet access to the admin panel, be content if there fitus cmsnya upload pictures, hehehe: D barriers are just upload pictures, upload php? t If the target CMS Joomla you can change the file can be uploaded in the media in the settings in Global Configuration tab in the system plus the php extension and then save. After that upload your shell in media management. your shell will be ...
Cara upload Backdoor ke website korban
Senin, 18 Juli 2011
Mungkin ada kendala yah setelah takeover web lewat bug sqli, kita cuma dapet akses ke panel admin, berbahagialah kalo cmsnya ada fitus upload gambar, hehehe :D kendalanya cuma upload gambar, upload php? ini gunanya tutorial ini ;) Jika cms target Joomlaanda dapat mengubah file yang dapat di upload di media pada settingan di Global Configuration di tab system tambah ekstensi php kemudian save. Setelah itu upload shell anda di media manajemen. shell anda akan berada pada...
Mungkin ada kendala yah setelah takeover web lewat bug sqli, kita cuma dapet akses ke panel admin, berbahagialah kalo cmsnya ada fitus upload gambar, hehehe :D kendalanya cuma upload gambar, upload php? ini gunanya tutorial ini ;) Jika cms target Joomlaanda dapat mengubah file yang dapat di upload di media pada settingan di Global Configuration di tab system tambah ekstensi php kemudian save. Setelah itu upload shell anda di media manajemen. shell anda akan berada pada...
How to Test for SQL Injection Bugs
Rabu, 22 Juni 2011
Below is a summary of steps needed for testing for SQL injection bugs Step 1: Understand SQL injection attack scenarios Step 2: List high risk components and entry points Step 3: Start testing and exploring Step 4: Tune of test data Step 4: Tune test cases data At this point you have started executing an exploratory pass through the input variables. During step 4 you need to concentrate on covering all entry points of each variab...
Below is a summary of steps needed for testing for SQL injection bugs Step 1: Understand SQL injection attack scenarios Step 2: List high risk components and entry points Step 3: Start testing and exploring Step 4: Tune of test data Step 4: Tune test cases data At this point you have started executing an exploratory pass through the input variables. During step 4 you need to concentrate on covering all entry points of each variab...
MySQL Injection Cheat Sheet
Selasa, 21 Juni 2011
MySQL Injection Cheat Sheet Basics. SELECT * FROM login /* foobar */SELECT * FROM login WHERE id = 1 or 1=1SELECT * FROM login WHERE id = 1 or 1=1 AND user LIKE "%root%"Variations. SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1 A/**/ND user L/**/IKE "%root%" SHOW TABLESSELECT * FROM login WHERE id = 1 or 1=1; SHOW TABLESSELECT VERSIONSELECT * FROM login WHERE id = 1 or 1=1; SELECT VERSION()SELECT host,user,db from mysql.dbSELECT...
MySQL Injection Cheat Sheet Basics. SELECT * FROM login /* foobar */SELECT * FROM login WHERE id = 1 or 1=1SELECT * FROM login WHERE id = 1 or 1=1 AND user LIKE "%root%"Variations. SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1 A/**/ND user L/**/IKE "%root%" SHOW TABLESSELECT * FROM login WHERE id = 1 or 1=1; SHOW TABLESSELECT VERSIONSELECT * FROM login WHERE id = 1 or 1=1; SELECT VERSION()SELECT host,user,db from mysql.dbSELECT...
How to find backdoor PHP shell scripts on a server
Senin, 20 Juni 2011
When hackers get access to your website server, they sometimes install a backdoor shell script designed to allow them to regain entry even after you've cleaned up the site, repaired the original security hole that allowed the hack to occur, otherwise improved site security, and even installed measures to try to lock the hackers out. A backdoor script can be called from a browser like any other web page. It gives its user a web page interface where they can download...
When hackers get access to your website server, they sometimes install a backdoor shell script designed to allow them to regain entry even after you've cleaned up the site, repaired the original security hole that allowed the hack to occur, otherwise improved site security, and even installed measures to try to lock the hackers out. A backdoor script can be called from a browser like any other web page. It gives its user a web page interface where they can download...
Message Me On Whatsapp