Local File Inclusion using SQL Injection

When a SQL Injection attack is performed, one of the many possibilities is that sensitive data can be extracted from the web server. A very common example is the following: assume that you have found an SQL Injection on a site where a GNU/Linux system is installed. We … Continue reading Local File Inclusion using SQL Injection

SQL Injection Cheat Sheet

» Generic – Bypass Authentication The following payloads are generally applied to login forms with a username and password. Correctly performing these attacks will allow you to authenticate to the web application (unless otherwise stated). Payload Description (if any) realusername OR 1=1 Authenticate as a real user without requiring a password. OR = Allows authentication … Continue reading SQL Injection Cheat Sheet

SQL Injection Authentication Bypass and POST Form Attack

In this paper we will look at another method of attack using SQL injection. In the previous paper we saw how to use SQL Injection in a GET form. An example was that of the news.php page that displayed the articles by selecting an id that would be visible in … Continue reading SQL Injection Authentication Bypass and POST Form Attack

WordPress vulnerabilities scanners and bruteforce tools – Part 1 – WPSCAN

WordPress has always been one of the most stable and secure CMSs. But that does not mean that it is free of all kinds of bugs. It is certainly less likely than others to be hacked, but the presence of additional plugins makes it as much at risk as it is versatile. The plugins available for … Continue reading WordPress vulnerabilities scanners and bruteforce tools – Part 1 – WPSCAN

OWASP SecLists Project – Github Repository

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repo onto a new testing box … Continue reading OWASP SecLists Project – Github Repository

Sqlmap – sql injection and blind sql injection exploitation tool – How to use it

Sqlmap is a very useful tool written in Python to perform automated attacks such as SQL injection and blind SQL injection. Sqlmap has a great many options, all of which are listed by sqlmap -h or man sqlmap, so in this tutorial we will see how to use it to the best, but not all … Continue reading Sqlmap – sql injection and blind sql injection exploitation tool – How to use it

Local File Inclusion and Directory traversal

Directory traversal: It is essential to mention this attack before we start talking about LFI. If possible, when carrying out an LFI attack, it would be useful to be able to identify the location of the file containing the vulnerability. In the present case, a directory traversal attack will allow us to know … Continue reading Local File Inclusion and Directory traversal

Remote File Inclusion – Attack and Defense

Remote File Inclusion, or RFI, in the field of computer security, indicates a vulnerability affecting web services that apply little control to the variables received from a user, in particular the PHP GET and POST variables (but not only in PHP). The vulnerability occurs when a page to be included is passed through an uncontrolled variable. … Continue reading Remote File Inclusion – Attack and Defense