Hack to Learn: 4/13/08 - 4/20/08

Thursday, April 17, 2008

Simple hacking pc password



This is a simple way to hack a PC password. But this is for educational purposes only.
Please use it responsibly.

Wednesday, April 16, 2008

2nd Method to Lock Our Folder Without Using Any Software



This is another method showing how to lock our folder. It seems this method does not use any software either.
Enjoy!




Yesterday somebody asked me how to lock a folder, but I am just a newbie in hacking activity. Finally, I found a video on Metacafe showing how to lock a folder without using software. You just need to create a file and write some code.

Tuesday, April 15, 2008

Backdoor Injection- Modules, Forums, Search etc.


Hacking web forms is by no means limited exclusively to login screens. A humble search form, for instance, is necessarily tied to a database, and can potentially be used to amend database details. Using SQL commands in search forms can potentially do some extremely powerful things, like calling up usernames and passwords, searching the database field set and field names, and amending same. Do people really get hacked through their search forms? You better believe it. And through forums, and anywhere else a user can input text into a field which interacts with the database. If security is low enough, the hacker can probe the database to get names of fields, then use commands like INSERT INTO, UNION, and so forth to get user information, change product prices, change account settings/balances, and just about anything else… depending on the security measures in place, database architecture and so on.

So you can have security locked down at the login, but poor security on other forms can still be exploited. Unfortunately this is a real worry regarding 3rd party modules for Web CMS products which incorporate forms, and for CMS products these 3rd party modules are often the weakest links which allow hackers access to your database.

source: http://www.cmswire.com/cms/web-cms/how-they-hack-your-website-overview-of-common-techniques-002339.php

What is SQL Injection all about?

SQL Injection

SQL Injection involves entering SQL code into web forms, eg. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application.

When you enter text in the Username and Password fields of a login screen, the data you input is typically inserted into an SQL command. This command checks the data you’ve entered against the relevant table in the database. If your input matches table/row data, you’re granted access (in the case of a login screen). If not, you’re knocked back out.

source: http://www.cmswire.com/cms/web-cms/how-they-hack-your-website-overview-of-common-techniques-002339.php

The Simple SQL Injection Hack

In its simplest form, this is how the SQL Injection works. It’s impossible to explain this without reverting to code for just a moment. Don’t worry, it will all be over soon.

Suppose we enter the following string in a Username field:

' OR 1=1 --

The authorization SQL query that is run by the server, the command which must be satisfied to allow access, will be something along the lines of:

SELECT * FROM users WHERE username = 'USRTEXT' AND password = 'PASSTEXT'

…where USRTEXT and PASSTEXT are what the user enters in the login fields of the web form.

So entering ' OR 1=1 -- as your username could result in the following actually being run:

SELECT * FROM users WHERE username = '' OR 1=1 -- ' AND password = ''

Two things you need to know about this:
['] closes the [username] text field.

[--] is the SQL convention for commenting code, and everything after the comment marker is ignored. So the actual routine now becomes:

SELECT * FROM users WHERE username = '' OR 1=1

1 is always equal to 1, last time I checked. So the authorization routine is now validated, and we are ushered in the front door to wreak havoc.

Let’s hope you got the gist of that, and move briskly on.
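
The login bypass described above, run against an in-memory SQLite database beside the parameterized fix. This is an added example, not code from the original article; the table layout, the "alice" account and the function names are constructed for illustration, and the hardened version also checks a salted PBKDF2 hash instead of comparing the plain password.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 100_000  # PBKDF2 work factor chosen for this example


def make_db():
    """In-memory database holding one constructed account (sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, "
                 "password TEXT, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    pw_hash = hashlib.pbkdf2_hmac("sha256", b"s3cret", salt, ITERATIONS)
    conn.execute("INSERT INTO users VALUES (?, ?, ?, ?)",
                 ("alice", "s3cret", salt, pw_hash))
    return conn


def build_login_sql(usrtext, passtext):
    """The article's query, built by pasting form input into the SQL text."""
    return ("SELECT * FROM users WHERE username = '" + usrtext +
            "' AND password = '" + passtext + "'")


def login_concatenated(conn, usrtext, passtext):
    # Vulnerable: the input is parsed as SQL, so a quote rewrites the WHERE clause.
    return conn.execute(build_login_sql(usrtext, passtext)).fetchone() is not None


def login_parameterized(conn, usrtext, passtext):
    # Hardened: the ? placeholder binds the input as a value, never as SQL text.
    row = conn.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                       (usrtext,)).fetchone()
    if row is None:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", passtext.encode(), row[0], ITERATIONS)
    return hmac.compare_digest(candidate, row[1])  # constant-time comparison


if __name__ == "__main__":
    db = make_db()
    payload = "' OR 1=1 --"
    print(build_login_sql(payload, ""))
    print("concatenated :", login_concatenated(db, payload, ""))
    print("parameterized:", login_parameterized(db, payload, ""))
    print("valid login  :", login_parameterized(db, "alice", "s3cret"))
```

With the placeholder, the payload is looked up as a literal username, matches no row, and the login is refused.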

SQL injection

Most common injection : ' OR ''='

source:http://rahulhackingarticles.wetpaint.com

List of incidents of class SQL Injection

Previously, byPasser told me about database injection. So I needed more info about database injection because it was not really explained in detail. Finally, I found info that lists incidents of SQL injection. I listed incidents that happened lately in SQL injection hacking activities. There are 26 incidents of class SQL Injection, but I listed only some:

1. WHID 2007-47: Commerce Bank, a US regional bank, hacked
Date: 10 October 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

2. WHID 2007-51: 570 Scarborough & Tweed customers' personal information accessed by SQL injection
Date: 30 September 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

3. WHID 2007-37: United Nations VS SQL Injections
Date: 12 August 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

4. WHID 2007-30: Microsoft UK site defaced
Date: 27 June 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

5. WHID 2007-20: Pirate Bay breach leaks database
Date: 10 May 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

6. WHID 2007-19: Hacker accessed data at University of Missouri
Date: 08 May 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

7. WHID 2007-21: Belgian Defense Ministry site defaced by Turks
Date: 15 January 2007
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

8. WHID 2006-3: Russian hackers broke into a RI GOV website
Date: 13 January 2006
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

9. WHID 2006-22: SQL injection in a banking application
Date: 01 January 2006
Incident Type: Vulnerability Disclosure
WASC Threat Classification: SQL Injection

10. WHID 2005-46: Teen uses SQL injection to break to a security magazine web site
Date: 01 November 2005
Incident Type: Security Breach
WASC Threat Classification: SQL Injection

Source:http://www.webappsec.org/projects/whid/list_class_sql_injection.shtml
Company: Web Application Security Consortium

Sunday, April 13, 2008

screenmaniac asked bypasser about hacking

Recently, I (screenmaniac, my FS nickname) asked my new friend bypasser (uitm hacker) a few questions that I really wanted to know about hacking. All answers are from his experience and knowledge. Thanks to Bypasser for sharing the info. Just read my questions and his explanations below:

1. How do u define hack?
Hack for me is a kind of system intrusion without permission or awareness from the system owner to get some important data to be used as a benefit for ourselves and someone else.. sometimes doing hacking is for testing whether that particular system that was hacked has good security features or not.. and sometimes an exploitation from the bad side.

2. What kind of part [in hacking] are u expert in?
Hmm.. expert?? not expert at all. but a little bit in some parts of hacking, database injection, bypassing, cracking, something like that.

3. How many hacking competitions have u been involved in?
Hacking competitions right now just twice.. international hacking 2006 & 2007 and maybe this year..

4. Any kind of software used to hack pc or server?
Lots of software, depends on its particular use. ex : putty, ollydebugger, cain n abel, resource hacker, wireshark, nessus, netbrute, eclips n so on.. but as standard for bypassing the server firewall i used putty.. at work.. and http://www.polarhome.com/ is a good place to get some data of the networking in our working place.

Hackers vs Crackers


"...............There is another group of people who loudly call themselves hackers, but aren't. These are people (mainly adolescent males) who get a kick out of breaking into computers and phreaking the phone system. Real hackers call these people ‘crackers’ and want nothing to do with them. Real hackers mostly think crackers are lazy, irresponsible, and not very bright, and object that being able to break security doesn't make you a hacker any more than being able to hotwire cars makes you an automotive engineer. Unfortunately, many journalists and writers have been fooled into using the word ‘hacker’ to describe crackers; this irritates real hackers no end.

The basic difference is this: hackers build things, crackers break them..............."

source: http://catb.org/~esr/faqs/hacker-howto.html#what_is

..so which one do u want to be? Be a well-behaved hacker.