A friend of mine at College was asking me this.
SQL injection is the most common and videly used exploit by hackers all over the world…few days back i was just doing some SQL injection test on Indian govt sites, I was shocked to see how many imp govt sites r open to it….this is a big thread for us…a malicious hacker can do a lot of harm if he wish to.

Vocabulary:

* SQL: Server Query Language-used in web applications to interact with databases.
* SQL Injection: Method of exploiting a web application by supplying user input designed to manipulate SQL database queries.
* “Injection”: You enter the injections into an html form which is sent to the web application. The application then puts you input directly into a SQL query. In advertantly, this allows you to manipulate to query…

Prerequisite:

* A background of programming and a general idea of how most hacking methods are done.

Application:

* Hacking a SQL database-driven server (usually only the ones that use unparsed user input in database queries). There is still a surprising number of data-driven web applications on the net that are vulnerable to this type of exploit. Being as typical as all method, the frequency of possible targets decreases over time as the method becomes more known. This is one those exploits that aren’t easily prevented by a simple patch but by a competent programmer.

Use:
First, let’s look at a typical SQL query:
SELECT fieldName1, fieldName2 FROM databaseName WHERE restrictionsToFilterWhichEntriesToReturn

Now, to dissect…
The red areas is where criterion is inputed. The rest of the query structures the query.

* SELECT fieldName1, fieldName2 – Specifies the of the names of fields that will be returned from the database.
* FROM databaseName – Specifies the name of the database to search.
* WHERE restrictionsToFilterWhichEntriesToReturn – Specifies which entries to return.

Here is an example for somebody’s login script:

SELECT userAcessFlags FROM userDatabase WHERE userName=”(input here)” AND userPass=”(input here)“

The idea is guess what that application’s query looks like and input things designed to return data other than what was intended.

In the example, input like the following could give gain access to the administrator account:

User: administrator
Pass: ” OR “”=”

Making the query like this:

SELECT userAcessFlags FROM userDatabase WHERE userName=”administrator” AND userPass=”” OR “”=”“

As you can see, “”=”” (nothing does indeed match nothing)
Note: Injections are rarely as simple as this…

One can be creative and use error messages to your advantadge to access other databases, fields, and entries. Learn a little SQL to use things like UNION to merges query results with ones not intended.On the security side, parse user data and get rid of any extra symbols now that you know how it’s done.

The idea in this example is to break out of the quotation marks.
When stuff is inside quotation marks, the stuff isn’t processed as code or anything but as a phrase and what it is.

The password injection was: “ OR “”=“
What this does is close the string that was started by the quotation mark in the part userPass=”. Once you break out, THEN stuff is considered code. So, I put OR “”=” after I break out of the string. You will notice that it is comparing two quotation marks with one, but the quotation mark already built in by the application finishes it so we have this:
userPass=”” OR “”=””
Notice how the first and last quotation marks are not colored and are not built in.

Additional notes:
This was just an extremely simplified version and you will probably need to learn a little SQL to fully understand.

Here are a few SQL terms that do other things:
UNION: You use this to merge the results of one query with another. You may put things like SELECT after UNION in order to search other databases and stuff. Sometimes you may need to use ALL in conjuction to break out of certain clauses. It does no harm so when in doubt you could do something like:
” UNION ALL SELECT 0,”,’hash’ FROM otherDatabase WHERE userName=”admin
The key when using UNION is to make your new query return the same amount of columns in the same datatype so that you may get the results you want.

:– This works sometimes to terminate the query so that it ignores to the rest of the stuff that might be fed afterwards if you don’t like it. For example:
SELECT * FROM userDatabase WHERE userName=”admin”;–” AND userPass=”aH0qcQOVz7e0s”

NOT IN: If you have no idea which record you want you could record cycle (you request vague info, and you put what you already got in the NOT IN clause so that you can get the next entry)
Usage:
SELECT userName userPass FROM userDatabase WHERE userName NOT IN (‘Dehstil’,’Twistedchaos’)

EXEC: This command should never work, but if it does…you win; you could do anything. For instance, you could inject something like this:
‘;EXEC master.dbo.xp_cmdshell ‘cmd.exe dir c:

All my examples so far have dealt with read processes. To manipulate a write process, here is an example for those who know what their doing:
INSERT INTO userProfile VALUES(”+(SELECT userPass FROM userDatabase WHERE userName=’admin’)+” + ‘Chicago’ + ‘male’)
This example would theoretically put the admin’s password in your profile.

Want to know how to to lock a folder using Notepad ?

Here is the trick :

• Consider you want to lock a folder named PICS in your D:\ , whose path is D:\PICS
• Now open the Notepad and type the following

  ren pics pics.{21EC2020-3AEA-1069-A2DD-08002B30309D}

• Where pics is your folder name. Save the text file as lock.bat in the same drive.
• Open another new notepad text file and type the following

  ren pics.{21EC2020-3AEA-1069-A2DD-08002B30309D} pics

• Save the text file as key.bat in the same drive.

Usage :

• To lock the pics folder, simply click the loc.bat and it will transform into control panel icon which is inaccessible.
• To unlock the folder click the key.bat file. Thus the folder will be unlocked and the contents are accessible.

Well the awesome screen shot of the desktop was mine until I realised the reason we have a messy desktop is it so easy to access and we go on adding stuff untill we get the annoying windows clean my desktop wizard like an unwanted House keeping knock on a cheesy motel !

Not any more….also check out a way to launch your fav programs faster than searching in start menu !

Well here is how we do it, we are going to create an alternative to desktop !

1) Create a folder which will be your alternative to desktop.

I strongly recommend that you create this Folder other than C: as a matter of fact you should not be using C: to store any personal file since if you need to format your C: all the personal file will be lost !

I am going to call this folder Quickdesk

Make it hidden (By right click properties)

2) Add quickdesk to task bar

This is best way to access the quickdesk since it will contain folders (such as Music, Movies, Photos etc)

To add Rightclick on Taskbar > Toolbars > New Toolbars
Then browse to the location where you have quickdesk. This adds a toolbar by which you can directly go to the place where you want to go.

As you start using this you will realise how productive this way is !

(Just in case you are wondering what are those folders, there are not default. These are the folders created earlier)

3) Create a shortcut of Quickdesk
You can do this by the usual method by Right – click on the folder Create short cut and then rename the Shortcut to Quickdesk.

Now to add some style choose a icon for the Shortcut By Right click > Properties > Shortcut tab > Change Icon. You can even choose a fancy one by clicking browse.

4) Copy the shortcut to Desktop

We are adding a shortcut to desktop for one main reason is access the quickdesk while Uploading or dowloading you don’t have to browse for Quickdesk instead just go to desktop and click on Quickdesk icon which will take you to the Quickdesk folder.

5) Add this short cut to your Quick launch

You can add to Quick lauch by dragging the Shortcut from desktop to the quick launch.

This will be the fastest way to access the Quickdesk !
If you don’t have the Quick launch toolbar than you can add that by Right clicking the taskbar > Toolbars > Quick launch

6) Copy to windows folder

Copy Quickdesk short cut to windows folder ( By default c:windows) so that we can launch by the run (windows + R ) or start > Run

Just by typing quickdesk and clicking run will launch the folder.
You can use this method for launching folders inside the quickdesk folder.

How to Start using ?

The idea is to use shortcuts to organise the most accessed data we have. We keep our data disorganised to different reasons such as space availability, convenience etc. So while your Music might be in some folder in d: your photos in several different place !

Create folders for each type of category. Photo, Movies, Videos, Music, downloads to name a few !

Here comes the Oh yeah moment !

So assume you have songs in a folder in d:somefoldermorefolderthefoldersongs (even somplace on your network !)

To make it accessible fast create a shortcut on Music folder by Rightclick > New >Create shortcut

I even changed the icon of the shortcut to a much more appropriate !

Now check out how easy this is to access in the screen shot below !

Now in winamp to play it just got to desktop > Quickdesk > Music > songs shortcut !

Talking about Winamp you can even launch application like this !

We all know what pain in the neck it is to Go to start and wait till the Ram deficient CPU displays the list of programs and then search the one you want ! Keeping the shorcuts on the desktop also adds to clutter to startwith !

To add Application to Quickdesk, copy the shortcut from the desktop or program files and paste it in the :Quickdeskprograms

Now check out how east and FAST it is to launch this way !

This has completely changed the way I access the data….. Did it yours ?

An amazing book to make Windows XP run the way you want it to. From Tweaks to the Most famous Hacks , Everything Revealed….

Description:

* Get ready for some down-and-dirty hackin’! Over 200 serious hacks readers can use to force Windows XP to do it their way, written in the ExtremeTech no-holds-barred style
* Sinchak doesn’t waste time tweaking Movie Maker or Instant Messenger-these hacks are heavy-duty, detailed instructions for squeezing every drop of power from Windows XP and maximizing speed, appearance, and security
* Not for the faint of heart! This book is written for users who aren’t afraid to roll up their sleeves, risk voiding their warranties, take total control of the task bar, uninstall programs that are supposedly permanent, and beef up boot speed
* Mines gems like unlocking hidden settings, customizing boot screens, supercharging online and program launch speed, maximizing the file system and RAM, and dumping hated features for good
* Written by the creator of TweakXP.com, a site considered Mecca for Windows hackers and trusted by more than ten million Windows XP users worldwide
* Includes a hacker’s dream CD-ROM with a set of ready-to-install hacks, theme creation tools, custom boot screens, “undo” files that help the reader tinker with Windows XP’s registry, and a whole lot more.

Download

Rar password : www.warezfreak.org