Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Q and A on cross site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For Session, fixations, hijacking, lockout, replay, session riding etc.... 

Pages: 12Next
Current Page: 1 of 2
Results 1 - 30 of 39
10 months ago
jammy99
http://www.locksupermarket.co.uk/search-result.php?search=null%27%29%20UnIoN%20SeLect%201,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5--%20-
Forum: SQL and Code Injection
1 year ago
jammy99
anyone can share any recent word press hacking tutorial?
Forum: SQL and Code Injection
1 year ago
jammy99
yes its blind for sure
Forum: SQL and Code Injection
1 year ago
jammy99
better learn php with oops concept to hack such websites.
Forum: SQL and Code Injection
1 year ago
jammy99
acunetix is gay for finding sqli. it can show sqli in any site in cookie param. and that is wrong try finding new point
Forum: SQL and Code Injection
1 year ago
jammy99
actually they have directory name backup on joomla website url is like http://website.com/administrator/backups they dont have sitemap.xml and robots.txt can you please tell me what should me my search keywords for bing google and all to find filed into backups folder? i hope they might have .sql file in this backups folder. or if anyone knows how joomla creates the filenames in b
Forum: SQL and Code Injection
1 year ago
jammy99
is there a way to find all the files resides in a web folder? example http://site.com/dir when i open this URL i get blank page. But i want to know if there is a way to get all files. I tried Acnuetix but it could not find
Forum: SQL and Code Injection
1 year ago
jammy99
may be for seo purpose
Forum: Jobs
1 year ago
jammy99
i hope you dont have access to this file /etc/.shadow this is the file contain passwords. /etc/passwd is the file contain all users list
Forum: CSRF and Session Info
1 year ago
jammy99
please pm me url
Forum: SQL and Code Injection
1 year ago
jammy99
kn1ghtc Wrote: ------------------------------------------------------- > give me the site thank you very much for raising your hand to help me. :-) i hacked it myself, i got blind sql injection into it and wrote blind sql dumper in vb6 to dump required data. now im in dumping process it may finish dumping within next saturday. if they fix the bug then i will suck
Forum: SQL and Code Injection
1 year ago
jammy99
okay i guess it as inet_address
Forum: SQL and Code Injection
1 year ago
jammy99
anyone please share a good word list to guess email address field name i have guess so many words but no success. please give me good word list
Forum: SQL and Code Injection
1 year ago
jammy99
i tried to upload .htaccess file but when file was uploaded its name becomes 10.htaccess record ID is added with each file name. however somebody was able to upload a file without the number in starting of the filename. there is a file code.php but it does not executes current login is username = 10 password = M@y0r
Forum: SQL and Code Injection
1 year ago
jammy99
this is a blind sql injection vulnerable URL ?data=valid' and '1'='1 i want to know database name and tables names and want to inject this query AND ISNULL(ASCII(SUBSTRING(CAST((SELECT LOWER(db_name(0)))AS varchar(8000)),1,1)),0)>90 what could be the correct syntax to injection this query in above blind sql injection? Or how can i inject this query in above url Also im not su
Forum: SQL and Code Injection
1 year ago
jammy99
i can find skillful peoples here only. you all are real experts.
Forum: SQL and Code Injection
1 year ago
jammy99
i did not ask you to trust, i asked you to help. i can assume that you can / could not break into the website that i sent you in your PM. thats y you writing such words. Well none of your business...
Forum: SQL and Code Injection
1 year ago
jammy99
you have site url on pm. please test it i will pay you too from firm account.
Forum: SQL and Code Injection
1 year ago
jammy99
anyone please reply
Forum: SQL and Code Injection
1 year ago
jammy99
i want help from you experts here :( my boss told me to hire a man to perform pen testing on a website. I found one guy from pakistan, He told me that he has performed pen testing on the website and has sql injection report with him, And he sent me some data for proof and asked for the payment first. I sent him payment, But he did not give me sql injection flaw report and started to ask
Forum: SQL and Code Injection
1 year ago
jammy99
anyone can help me to upload shell with help of fckeditor? please share some exploits with me :-(
Forum: SQL and Code Injection
1 year ago
jammy99
i will try another website on same server
Forum: SQL and Code Injection
1 year ago
jammy99
can you please give me any english site where i can crack this password? or if you know its plain text please post here
Forum: SQL and Code Injection
1 year ago
jammy99
there is direct command to connect to mysql on server with root or any ither user. you can use any mysql client to like sqlwave to connect to mysql of any host. but you can only connect if server accepts remote connection.
Forum: SQL and Code Injection
1 year ago
jammy99
anyone knows how these passwords can be cracked? admin:2a4cbce0729af73b cityadm:2a4cb86a729af2c5
Forum: SQL and Code Injection
1 year ago
jammy99
i have uploaded shell to the server but when i open its URL, it does not work. here is all info i have http://www.cityofdouglassks.com/login.php username = 10 password = mayor when you are logged in go to My Profile Direct link is here http://www.cityofdouglassks.com/contact.php?action=add&personid=10 there is alink to Add image / Remove image here is direct link
Forum: SQL and Code Injection
1 year ago
jammy99
i have one quick question and just want to know something. suppose there is a site hosted on a dedicated server and site is secure, there is no sql injection, so what could be other possibilities to enter in the server? i hope some experts can help with this question :-)
Forum: SQL and Code Injection
1 year ago
jammy99
thank you very much
Forum: SQL and Code Injection
1 year ago
jammy99
i already have this solution. this is already provided by ajkaro. i hope you could get another way with double query only. btw pls check pmb
Forum: SQL and Code Injection
Pages: 12Next
Current Page: 1 of 2