Hacking simple tricks

Absinthe – SQL injection tool


Absinthe – SQL injection tool Absinthe is a gui-based tool that automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection.  Absinthe does not aid in the discovery of SQL Injection holes. This tool will only speed up the process of data recovery.  Features: Automated SQL Injection Supports MS SQL Server, MSDE, Oracle, Postgres Cookies / Additional HTTP Headers Query Termination Additional text appended to queries Supports Use of Proxies / Proxy Rotation Multiple filters...

The Mole – Automatic SQL Injection SQLi Exploitation Tool


The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. Features Support for injections using Mysql, SQL Server, Postgres and Oracle databases. Command line interface....

HTG Explains: How Hackers Take Over Web Sites with SQL Injection / DDoS


Even if you’ve only loosely followed the events of the hacker groups Anonymous and LulzSec, you’ve probably heard about web sites and services being hacked, like the infamous Sony hacks. Have you ever wondered how they do it? There are a number of tools and techniques that these groups use, and while we’re not trying to give you a manual to do this yourself, it’s useful...

Hacking website using SQL Injection -step by step guide


Before we see what  SQL  Database: Database is collection of data. In website point of view, database is used for storing user ids,passwords,web page details and more.  Some List of Database are: * DB servers, * MySQL(Open source),  * MSSQL,  * MS-ACCESS,  * Oracle,  * Postgre SQL(open source),  * SQLite, SQL: Structured Query Language is Known as SQL. In order to communicate with the Database ,we are using SQL query. We are querying the database so it is called as Query language. Definition...

How They Hack Your Website: Overview of Common Techniques


Case Studies: Learn How the Experts Are Managing Customer Experience We hear the same terms bandied about whenever a popular site gets hacked. You know… SQL Injection, cross site scripting, that kind of thing. But what do these things mean? Is hacking really as inaccessible as many of us imagine — a nefarious, impossibly technical twilight world forever beyond our ken? Not really. When you consider that you can go to Google right now and enter a search string which will return you thousands of usernames and passwords to...

The Target Intranet(sql injection)


This appeared to be an entirely custom application, and we had no prior knowledge of the application nor access to the source code: this was a "blind" attack. A bit of poking showed that this server ran Microsoft's IIS 6 along with ASP.NET, and this suggested that the database was Microsoft's SQL server: we believe that these techniques can apply to nearly any web application backed by any SQL server. The login page had a traditional username-and-password form, but also an email-me-my-password link; the latter proved to be the downfall of the...

 
Previous
Next Post »