Basic SQL injection attack tutorial

6:32 PM Posted by Preetish Panda

SQL Injection ::
SQL (Structured Query Language) injection occurs when an attacker is able to insert a series of SQL statements into web forms (e.g. login fields) or into the browser address field, manipulating the data that is passed to the database behind the site, system or application.


Requirement ::


A web browser

Potential locations to exploit ::

Login fields, search page, feedback form, the browser address field, etc.

Mode of Operation ::

Let's take the example of a login page (a 'form' page) where the user types a username and password for authentication.

The 'query string' generated when the user logs in with a username and password is something like this:

var sql = "select * from users where username = '" + username + "' and password = '" + password + "'";


There are two things you need to know to understand the rest of this tutorial.
If you don't get them, don't worry: an explanation is given at the end.

1. The single quote (') closes the username text field.

2. '--' is the SQL convention for commenting code, and everything after the comment marker is ignored. Sometimes '#' is used instead of '--'. The hash symbol (#) means that everything following it is a comment and is to be ignored.

If the attacker specifies the following:

Username: '; drop table users--
Password:

...the 'users' table will be deleted, denying access to the application for all users. The '--' character sequence is the 'single line comment' sequence as stated above, and the ';' character denotes the end of one query and the beginning of another. The '--' at the end of the username field is required in order for this particular query to terminate without error.

The attacker could log on as any user, given that they know the user's name, using the following input:

Username: admin'--

The attacker could log in as the first user in the 'users' table, with the following input:

Username: ' or 1=1--


Explanation ::
Let's see how the query string looks when the attacker gives

Username: anything' or 1=1--
Password:


Something like this ::

" select * from users where username = 'anything' or 1=1--'and password ='' ";


This query will ::
1. take the username field as anything
2. check whether 1=1, because of the OR 1=1 part of the input anything' or 1=1--
3. ignore everything after the comment marker, due to the '--' given at the end.
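
The login bypass explained above, next to the parameterized form that defeats it, as an added example (not part of the original tutorial). It uses Python's sqlite3 module; the table contents and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample data: an in-memory 'users' table shaped like the tutorial's.
    Plaintext passwords only mirror the tutorial's query; they are not a storage pattern."""
    db = sqlite3.connect(":memory:")
    db.execute("create table users (username text, password text)")
    db.executemany("insert into users values (?, ?)",
                   [("admin", "admin-pw"), ("alice", "alice-pw")])
    return db

def build_concat_sql(username, password):
    # Vulnerable: user input is pasted into the SQL text, as in the tutorial.
    return ("select * from users where username = '" + username +
            "' and password = '" + password + "'")

def login_concat(db, username, password):
    row = db.execute(build_concat_sql(username, password)).fetchone()
    return row[0] if row else None   # username of the matched account

def login_param(db, username, password):
    # Hardened: '?' placeholders send the input as values, never as SQL text,
    # so quotes and '--' inside it cannot change the structure of the query.
    row = db.execute(
        "select * from users where username = ? and password = ?",
        (username, password)).fetchone()
    return row[0] if row else None

def compare(inputs):
    """Run each (username, password) pair through both login functions."""
    db = make_db()
    return [(u, login_concat(db, u, p), login_param(db, u, p)) for u, p in inputs]

if __name__ == "__main__":
    # Usernames taken from the tutorial, plus one legitimate login.
    cases = [("admin'--", ""), ("' or 1=1--", ""), ("alice", "alice-pw")]
    for user, concat_result, param_result in compare(cases):
        print(f"{user!r:14} concat={concat_result!r:8} param={param_result!r}")
```

With the concatenated query both tutorial inputs are accepted as 'admin' without a password; with placeholders they match no account, while the legitimate login still works.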


Advanced Information ::

This tutorial gives only a basic understanding. For more advanced information and security tips, see:

http://www.securiteam.com/securityreviews/5DP0N1P76E.html

http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php

http://www.unixwiz.net/techtips/sql-injection.html

Download O’Reilly Hacks Ebook All-In-One (26 in 1)

11:13 PM Posted by Preetish Panda

This download of the O’Reilly Hacks All-In-One pack is divided into 4 rapidshare download links which together contain 26 ebooks.

01- O’Reilly Paypal Hacks
02- O’Reilly Amazon Hacks
03- O’Reilly Wireless Hacks
04- O’Reilly Network Security Hacks
05- O’Reilly eBay Hacks
06- O’Reilly Word Hacks
07- O’Reilly Flash Hacks
08- O’Reilly Yahoo Hacks
09- O’Reilly Google Hacks
10- O’Reilly Firefox Hacks
11- O’Reilly Windows XP Hacks
12- O’Reilly Windows Server Hack
13- O’Reilly PC Hacks
14- O’Reilly IRC Hacks
15- O’Reilly PDF Hack
16- O’Reilly Podcasting Hacks
17- O’Reilly Swing Hacks
18- O’Reilly BSD Hacks
19- O’Reilly Spidering Hacks
20- O’Reilly Visual Studio Hacks
21- O’Reilly Car PC Hacks
22- O’Reilly Digital Video Hacks
23- O’Reilly Digital Photography Hacks
24- O’Reilly Mapping Hacks
25- O’Reilly Halo 2 Hacks
26- O’Reilly Retro Gaming Hacks

http://rapidshare.com/files/25115586/B000121.part1.rar

http://rapidshare.com/files/25116322/B000121.part2.rar

http://rapidshare.com/files/25133288/B000121.part3.rar

http://rapidshare.com/files/25134067/B000121.part4.rar


Password : xylofon



5 Easy steps to create webserver in home computer with php,mysql,apache

11:21 PM Posted by Preetish Panda

This tutorial covers the basic setup of a server on your own computer running Windows. This removes the hassle of dealing with the company that runs a remote web server. It will be easy to modify. You can add anything you want to it, be it CGI/Perl, Zope, Roxen, etc., all by yourself. You will have unlimited disk space, or at least as much as your hard disk drive holds. Now that you know the advantages, it is time that I tell you what you will need.

You will need XAMPP 1.6.8 which is available for free & combines all of the following

* Apache HTTPD 2.2.9 + Openssl 0.9.8i
* MySQL 5.0.67
* PHP 5.2.6
* PHP 4.4.9
* phpMyAdmin 2.11.9.2
* FileZilla FTP Server 0.9.27
* Mercury Mail Transport System 4.52

STEP 1
I recommend downloading the self-extracting 7-ZIP archive version because of its small size compared to the other two versions.

Download Link


STEP 2
After downloading, extract the archive to a folder of your choice. Don't panic if it halts for a few minutes at some stage (maybe at 27%, 32% or 81%) during extraction.

Just be patient.
Remember that the XAMPP folder will be created automatically, which means you don't need to create one.

STEP 3
Now locate the file setup-xampp.bat in the XAMPP folder and run it.
You will see something like this ::


NOTE::
To start XAMPP without setup!

If you extract XAMPP in a top level folder like c:\xampp or d:\xampp etc., you can start XAMPP directly. That means you do not need to execute the “setup_xampp.bat” at all. Apache, MySQL and Mercury Mail server will start up correctly! FileZilla FTP server will not start because it requires absolute paths. Please note: Do not use a double-xampp-folder like c:\xampp\xampp! You need a single-xampp folder like d:\xampp(\apache and so on). Otherwise you must run the “setup-xampp.bat” to set up the path configurations.


STEP 4
XAMPP control Panel

Run the file xampp-control.exe present in the folder XAMPP. The XAMPP Control Panel will appear.


To have the Apache server and the MySQL database started upon system startup, install them as services by checking the Svc checkboxes next to them. Then click OK in the XAMPP Control dialog box that opens.

The Apache and MySQL servers are installed as services.

To start the Apache HTTP server, click Start.
To start the MySQL database server, click Start.


Here are some more server scripts, you might find useful:

* Apache & MySQL start: .\xampp\xampp_start.exe
* Apache & MySQL stop: .\xampp\xampp_stop.exe
* Apache start: .\xampp\apache_start.bat
* Apache stop: .\xampp\apache_stop.bat
* MySQL start: .\xampp\MySQL_start.bat
* MySQL stop: .\xampp\MySQL_stop.bat
* Mercury Mailserver start: .\xampp\mercury_start.bat
* FileZilla Server setup: .\xampp\filezilla_setup.bat
* FileZilla Server start: .\xampp\filezilla_start.bat
* FileZilla Server stop: .\xampp\filezilla_stop.bat


STEP 5
Checking XAMPP Installation

Open the URL http://localhost or http://127.0.0.1 in your browser. Click on the preferred language and you'll get this welcome screen for English.



UNINSTALLATION::
Shut down the XAMPP server and exit all panels. If you installed any services, shut them down too.
Simply delete the entire folder where XAMPP is installed. There are no registry entries and no environment variables to clean up… just simply good, clean code! Don’t forget to uninstall any services you might have installed.

FOR BASIC QUESTIONS
Click Here



Free live cd distros for Pentest, Recovery& Forensics

3:50 PM Posted by Preetish Panda

Penetration testing is the security-oriented probing of a computer system or network to seek out vulnerabilities that an attacker could exploit.
A distro is a unix-like operating system comprising software components such as the Linux kernel, the GNU toolchain, and assorted free and open source software.
I've listed 20 top distros used for Pentest, recovery & forensics .

1. BackTrack

BackTrack is the result of the merging of two innovative penetration testing live Linux distributions, Whax (formerly WHoppix) and Auditor. Combining the best features from both distributions, and paying special attention to small details, this is probably the best version of either distribution to ever come out.

Based on SLAX (Slackware), BackTrack provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, etc.

http://www.remote-exploit.org/index.php/BackTrack

2. Operator

Operator is a complete Linux (Debian) distribution that runs from a single bootable CD and runs entirely in RAM. The Operator contains an extensive set of Open Source network security tools that can be used for monitoring and discovering networks. This virtually can turn any PC into a network security pen-testing device without having to install any software. Operator also contains a set of computer forensic and data recovery tools that can be used to assist you in data retrieval on the local system.

http://www.ussysadmin.com/operator/

3. PHLAK

PHLAK or [P]rofessional [H]acker's [L]inux [A]ssault [K]it is a modular live security Linux distribution (a.k.a. LiveCD). PHLAK comes with two light GUIs (fluxbox and XFCE4), many security tools, and a spiral notebook full of security documentation. PHLAK is a derivative of Morphix, created by Alex de Landgraaf.

Download Link1

Download Link

4. Auditor

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier.

Download

5. L.A.S Linux

Local Area Security Linux is a "Live CD" distribution with a strong emphasis on security tools and small footprint. We currently have 2 different versions of L.A.S. to fit two specific needs - MAIN and SECSERV. This project is released under the terms of GPL.

http://www.localareasecurity.com/download

6. Knoppix-STD

STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.

http://www.knoppix-std.org/download.html

7. Helix

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

http://www.e-fense.com/helix/

8. F.I.R.E

FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.

http://fire.dmzs.com/

Link 2

9. nUbuntu

The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing, and remove unneeded packages, such as Gnome, Openoffice.org, and Evolution. nUbuntu is the result of an idea two people had to create a new distribution for the learning experience.

http://www.nubuntu.org/downloads.php

10.DEFT
DEFT (acronym of "Digital Evidence & Forensic Toolkit") is a customized distribution of the Kubuntu live Linux CD. It is a very easy to use system that includes excellent hardware detection and the best open source applications dedicated to incident response and computer forensics.

http://securitydistro.com/downloads/6/DEFT.php

11. INSERT Rescue Security Toolkit

INSERT is a complete, bootable linux system. It comes with a graphical user interface running the fluxbox window manager while still being sufficiently small to fit on a credit card-sized CD-ROM.

The current version is based on Linux kernel 2.6.12.5 and Knoppix 4.0.2

http://www.inside-security.de/insert_en.html


12.Samurai
The Samurai Web Testing Framework is a LiveCD focused on web application testing. We have collected the top testing tools and pre-installed them to build the perfect environment for testing applications.

http://securitydistro.com/downloads/44/Samurai.php

13.Russix

Russix is a Slax based Wireless Live Linux. It has been designed to be light (circa 230Mb) and dedicated purely to wireless auditing. It is not a script kiddy phishing tool and as such, while it will allow you to break a WEP key in 6 key strokes and conduct an "Evil Tiny Twin" attack in less than 5, it will not let you become the latest version of Barclays Bank.

http://securitydistro.com/downloads/42/Russix.php

14.Stagos FSE

Stagos FSE aims to be a computer forensic framework based on a FLOSS operating system. Built from Ubuntu, it has many features for forensic work. It supports reading various filesystems, including NTFS. It also supports reading some forensic image files from other forensic software such as ENCASE.


http://securitydistro.com/downloads/38/Stagos-FSE.php


15.Protech
Protech is a specially designed Linux distribution for security technicians and programmers.
Its incomparable usability and stability make this a unique product.


http://securitydistro.com/downloads/13/Protech.php

16.OWASP Labrat
The OWASP Live CD (LabRat) is a bootable CD akin to Knoppix but dedicated to Application Security. It shall serve as a vehicle and distribution medium for OWASP tools and guides.


http://securitydistro.com/downloads/12/OWASP-Labrat.php


17.OSWA Assistant
The OSWA-Assistant is a self-contained, freely downloadable, wireless-auditing toolkit for both IT-security professionals and End-users alike.


http://securitydistro.com/downloads/41/OSWA-Assistant.php


18.Ophcrack
The ophcrack LiveCD contains a small Linux system (SLAX6), ophcrack for Linux and rainbow tables for alphanumerical passwords. The LiveCD cracks passwords automatically, no installation necessary, no admin password necessary (as long as you can boot from CD). Windows Vista SAM can also be cracked.

http://securitydistro.com/downloads/34/Ophcrack.php

19.KCPentrix
The Kcpentrix Project was founded in May 2005. KCPentrix 1.0 was a LiveCD designed to be a standalone penetration testing toolkit for pentesters, security analysts and system administrators.

http://securitydistro.com/downloads/9/KCPentrix.php

20.Hakin9
A bootable distribution containing all the tools and materials needed for practising methods and techniques described in the hakin9 magazine.

http://securitydistro.com/downloads/7/Hakin9.php


SecureDVD is a live DVD collection featuring the 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) as per Darknet on one single DVD. The live DVD collection features the following security based live distributions:
1. BackTrack
2. Operator
3. PHLAK
4. Auditor
5. L.A.S. Linux - Local Area Security
6. Knoppix-STD
7. Helix
8. F.I.R.E.
9. nUbuntu
10. INSERT Rescue Security Toolkit


SecureDvd

Tamperdata firefox addon to modify http headers

12:52 AM Posted by Preetish Panda

TamperData is an open source Firefox add-on which can be used to manipulate HTTP requests and responses. It can halt outgoing HTTP requests and modify any of the data that is being submitted to the website.
Used wisely, it lets us view and modify HTTP/HTTPS headers and POST parameters. TamperData is an easy, excellent way to see what a web application is doing, and we can start testing it with various types of data.
Its common uses include inspection of:
1) cookie handling by the browser

2) redirections

3) HTTP authentication, etc.

The extension includes a predefined set of context menu entries that makes tampering with parameters much easier. These context menu entries include static elements such as SQL, XSS and others. That means there is no need to use JavaScript injection or to re-post web pages.

For more information visit the home page of TamperData.

http://tamperdata.mozdev.org/

Visit this to understand its use step by step

http://jimbojw.com/wiki/index.php?title=Tamper_Data

The add-on link for mozilla firefox

https://addons.mozilla.org/en-US/firefox/addon/966

Tampering some of the shopping sites can be done using more of its concepts

Download the example given in GIF format

(size 4.5MB)http://www.4shared.com/file/60296573/22a512c2/Tamper_any_online_shop.html

For more google it !!

Remove blogger navigation bar :: two methods

4:12 PM Posted by Preetish Panda


Every blog at Blogspot.com, the domain of Blogger's free blog hosting, has a notable Blogger navigation bar (also known as NavBar) at the top of each of its pages!
It has some important functions like new post, search, customize, etc. But many think that it badly messes with the look of the blog. So, anyway, as you have decided to dump it, I'm going to tell you two methods to remove it.

1. Completely remove the navigation bar (CSS hack)
2. Create a show/hide button to display or hide the navigation bar

1. Completely removing the navigation bar (CSS hack)
Before jumping into this hack I must tell you that it is reversible, that is, you can get your navbar back.
If you wonder how to remove the Blogger beta navbar, this is the way to do it:

I. Login to your blogger account.

II. Open the “Layout” for your blog.

III. Click the “Edit HTML” link.

IV. Copy this code:

#navbar-iframe { height:0px; visibility:hidden; display:none }

V. Paste the code given above just after

<b:skin><![CDATA[


Click the “Save Template” link. You are done ..


2.Create show/hide navigation bar


I.Log in to blogger dashboard.


II.Click Layout and then click on edit html


III. Using your browser's search function, locate <head>

IV. Copy and paste the following code just after <head>

<!-- Show/Hide navbar begins -->
<script type="text/javascript">
var showHeader = false;
function ShowHideNav()
{
    showHeader = !showHeader;
    var nav = document.getElementById("navbar-iframe");
    if (showHeader)
    {
        nav.style.visibility = "visible";
        nav.style.display = "block";
    }
    else
    {
        nav.style.visibility = "hidden";
        nav.style.display = "none";
    }
}
</script>
<style type="text/css">
#navbar-iframe {
    visibility: hidden;
    display: none;
}
</style>
<!-- Show/Hide navbar ends -->

V. Click save template

VI. Go to your page element section

Now add a page element to display the show/hide button by copying the following code

<!-- Show/Hide navbar hack -->
<span style="cursor:pointer;" onclick="ShowHideNav();">
Show/Hide Navigation
</span>
<!-- End of Show/Hide navbar hack -->

VII. Now view your blog and check its functionality.

Captcha free smileys for Orkut scraps and community post

5:34 AM Posted by Preetish Panda


Express your emotions by these smileys in orkut scrapbook and community posts.
In this post we'll be dealing with detailed steps to send captcha free nice looking smileys in orkut scrap book and community posts.

For this you need
1.Mozilla Firefox Browser (Click here to Download)

2.Grease Monkey Addon (Click here to Add to Firefox)

3.Grease monkey Scripts

Before installing the scripts given below you'll have to do some editing in the Firefox configuration to avoid script errors.

a. Open Firefox and in the address bar type about:config.

b. Click on "I'll be careful, I promise!"
c. Now in the filter box type script and search for dom.max_script_run_time.
Then right click > Modify and set its value to more than 50.


For more Information on how to edit Firefox configuration check here.

Installing the script is simple. Once you go to the link provided just click on the "Install" button

http://userscripts.org/scripts/show/36885


http://userscripts.org/scripts/show/39073

http://userscripts.org/scripts/show/39264

http://userscripts.org/scripts/show/39309

http://userscripts.org/scripts/show/39701

http://userscripts.org/scripts/show/31438

http://userscripts.org/scripts/show/33821

http://userscripts.org/scripts/show/37952

These will work in community posts only if HTML is enabled in the community.


If you need a script for the formatting toolbar, then reply here and I'll post it.

To Disable The Script:

1. Tools -> Greasemonkey -> Manage User Scripts.

2. Select the script (it will be highlighted), then unmark the enabled button.

3. Click OK.


To Uninstall The Script:

1. Tools -> Greasemonkey -> Manage User Scripts.

2. Select the script you want to uninstall. It will be highlighted.

3. At the bottom, unmark the enabled mark on the check box and also mark uninstall associated preferences.

4. Click uninstall.