Cross Site Request Forgery

 Through CSRF you can change the admin password,is not so inoffensive. Can be used with XSS,redirected from XSS.


 Basic example
- Code snippet from test.php

-----------------------------------------
<?php
check_auth();
if(isset($_GET['news']))
{ unlink('files/news'.$news.'.txt'); }
else {
die('File not deleted'); }
?>

Cross-Site Scripting

You can use alot of vectors,can try alot of bypass methods,you can find them around the web.



Basic example
- Code snippet from test.php

---------------------------------
<?php
$name=$_GET['name'];
print $name;
?>
---------------------------------

The input is not filtered,an attacker can inject Javascript code.Example :

http://127.0.0.1/test.php?name=<script>alert("XSS")</script>

How to bypass Admin/user login through SQL Injection

- Code snippet from /admin/login.php

------------------------------------------------------------------------------------------------------------------------------
$postbruger = $_POST['username'];
$postpass = md5($_POST['password']);
$resultat = mysql_query("SELECT * FROM " . $tablestart . "login WHERE brugernavn = '$postbruger' AND password = '$postpass'")
or die("<p>" . mysql_error() . "</p>\n");

2 things Before you attack your Victim

2 things before you Attack your victim! What’s that? When you using rat or any other key logger or Trojan, it’s get detected by Antivirus application or get blocked by Firewall. 

So we need make those application shutdowns before we attack.  How? There is various ways to make them shutdown. I personally prefer batch coding. There is application Win RAR, with that application you can make deadly combination of various batches. Today we will learn how to code those batches.

Hacked Information About Bangladesh Bank

Hello guys and gals, I'm with a new stuff. I have some information about a Bangladesh Bank and about its customer. Take a look.. I don't know about this $%^&* it is, I know it is real valuable to some people. I have found this document by Google hacking.

How to hack facebook Clicking Games

Hello guys and gals, Today I’m with a funny stuff to hack facebook’s clicking games. I know there is various clicking game, this application applicable for all. This is not any kind of Java code or similar. It’s a hardcore C program.  Here is the code:-

How To Setup Your Own Anonymous Email Service

Now i'm writing this tutorial ,to tech you how to setup your own anonymous email service ! Ideal for social Engineering :)
It's easy as copy paste :P

So now we need a host that supports PHP and SendMail !
Here is one that works perfect , and without ads !

How to crack IIS FTP password using Brute-Force

FTP is an application or service or protocol  which can be used to transfer files from one place to another  place ,it really comes very handy  during transfer of files from a local box to a remote one .Suppose someone get access to your FTP then he/she can cause nightmare for you by uploading  inappropriate images or files etc.Here we will discuss how we can crack the password of IIS installed FTP service in Windows.

How to hack Using Google

Google is a very very very powerful tool! If you know how the Internet works and you know how Google works, you can find out some “very secret information” from the dark corners of the Internet. You see, Google tries to “index” everything that is on the Internet. What does “index” mean? Basically, “index” means, read and remember! You see, Google is reading websites on the Internet 24 hours a day. It is looking at new websites and new web pages. It looks at each web page and finds out what the web page is about. It decides how good the web page is and also decides many other things about the web page…

How to Find Serial Key / Cracks for Any Software

I assume that most of you use pirated software. Not everyone can afford buying a program like Photoshop, which costs $699. In this case you can use alternative, free software or you can download a pirated, cracked version of the program. There is a vast number of websites out there, where you can find serial numbers and cracks for any program, but most of them aren't safe to use. Actually most of them are spam sites that “bombard” you with full-screen popup ads, or commandeer your computer into a spam-loving Kraken  or Srizbi Botnet army. In this post I will show you the most efficient way of downloading cracks and serial numbers without any risk to your pc.